RFR: 8282578: AIOOBE in javax.sound.sampled.Clip
Sergey Bylokhov
serb at openjdk.java.net
Sat Jun 4 21:02:25 UTC 2022
On Sat, 4 Jun 2022 13:46:10 GMT, Alexander Zuev <kizune at openjdk.org> wrote:
> No, because determining the correct length of the message will require basically to parse it all, the correct length could be a 2 bytes or hundreds of bytes - in order to determine we have to process the message completely.
There are 64 usages of `data` in that method most of them use constants like 1/2/3 and other usages are in the loops, both can be easily checked. There is also code like ` int[] destinations = new int[(data.length - 7) / 2];` which could cause the NegativeArrayException, or probably some others. It s better to check the out of bands access before access than to have a try/catch block for 300 lines of code.
-------------
PR: https://git.openjdk.java.net/jdk/pull/9016
More information about the client-libs-dev
mailing list