ijar: preserve multi-release status #28322
Conversation
github-actions
bot
added
the
awaiting-review
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request adds support for preserving the Multi-Release: true attribute in the manifest of generated interface jars. The implementation involves refactoring manifest handling to read the input jar's manifest upfront and pass it to the processing logic. The changes are well-structured and include corresponding tests. I've identified a critical null-pointer-dereference bug due to an unchecked malloc and a high-severity correctness issue in the manifest parsing logic. Please see my comments for details.
| manifest_buf_ = (u1 *)malloc(size); | ||
| memmove(manifest_buf_, data, size); |
There was a problem hiding this comment.
malloc can return NULL if memory allocation fails. The subsequent call to memmove would then dereference a null pointer, leading to a crash. You should check the return value of malloc and handle the error, for example by calling abort() which is consistent with error handling in other parts of this file.
Also, since the source and destination memory areas do not overlap, memcpy is more appropriate and potentially more performant than memmove.
manifest_buf_ = (u1 *)malloc(size);
if (manifest_buf_ == nullptr && size > 0) {
fprintf(stderr, "ijar: Failed to allocate memory for manifest.\n");
abort();
}
memcpy(manifest_buf_, data, size);There was a problem hiding this comment.
Ignoring allocation failures is the preexisting style of this file.
The output of ijar manifest now includes Multi-Release: true if the input jar manifest has it. Fixes bazelbuild#28316
benjaminp
force-pushed
the
ijar-multirelease
branch
from
7ebf3ac to
081d406
Compare
1 participant
The output of ijar manifest now includes Multi-Release: true if the input jar manifest has it.
Fixes #28316