[PATCH] 6788196: Array bounds checks in io_util.c rely on undefined behaviour

Alan Bateman Alan.Bateman at Sun.COM
Tue Jan 6 17:01:40 UTC 2009


Gary Benson wrote:
> Hi Martin,
>
> I like your method of avoiding the overflow, it's a nice idea.
>   
I agree, and it also better matches the method specification.

> I've attached an updated version of my original patch, with that,
> and with an expanded comment too, to make sure the fix doesn't
> get reverted later on in the interests of readability or whatever.
>   
I checked the pre-OpenJDK history and this bounds check has been so 
since 1.2 (10+ years old). It's kinda surprising this hasn't been 
noticed with other ports. Did you run into this with an existing test 
(JCK or regression/unit)? Ideally we should have more tests to catch 
these issues (one existing test that we could update is 
java/io/readBytes/ReadBytesBounds.java).

> Can I ask that you file a separate bug for your other changes?
> They're not specifically related to 6788196, and I feel it
> confuses the issue somewhat having a bunch of unrelated changes
> in the patch.
>   
Speaking of, is there a related HotSpot issue that led to the assert 
datalen >= 0? It's likely many things would break if GetArrayLength 
returns a negative value so just curious.

-Alan.
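
Added example, not part of the original message and not the code from io_util.c or from the patch under discussion: a bounds check written so that no signed addition can overflow, next to a model of what a sum-based check decides when the addition wraps. The function names, the `off + len > datalen` form of the sum-based check, and the sample values are assumptions; `datalen` is assumed non-negative, as the assert mentioned above requires.

```c
#include <limits.h>
#include <stdio.h>

/* Overflow-free form: with off >= 0 and datalen >= 0 already established,
 * datalen - off stays within int range, so no operation here can overflow.
 * It mirrors the wording "len is greater than b.length - off". */
static int out_of_bounds(int off, int len, int datalen)
{
    return off < 0 || len < 0 || len > datalen - off;
}

/* Model of a sum-based check (assumed form: off + len > datalen) when the
 * signed addition wraps. The sum is computed in unsigned arithmetic so this
 * demo has no undefined behaviour itself. Wrapping is only one possible
 * outcome: signed overflow is undefined, so a compiler may also drop or
 * rewrite such a test entirely. */
static int sum_check_wrapped(int off, int len, int datalen)
{
    if (off < 0 || len < 0)
        return 1;
    unsigned sum = (unsigned)off + (unsigned)len;
    if (sum > (unsigned)INT_MAX)
        return 0; /* wrapped sum is negative, so "sum > datalen" is false */
    return sum > (unsigned)datalen;
}

int main(void)
{
    /* Constructed sample inputs: {off, len, datalen}. */
    const int cases[][3] = {
        {0, 10, 10},      /* whole array: in bounds */
        {10, 0, 10},      /* empty range at the end: in bounds */
        {4, 7, 10},       /* one element past the end */
        {1, INT_MAX, 10}, /* off + len exceeds INT_MAX */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        const int *c = cases[i];
        printf("off=%d len=%d datalen=%d  safe check rejects=%d  "
               "wrapped sum check rejects=%d\n", c[0], c[1], c[2],
               out_of_bounds(c[0], c[1], c[2]),
               sum_check_wrapped(c[0], c[1], c[2]));
    }
    return 0;
}
```

The last case is the one a regression test would need to cover: the subtraction form rejects it, while the wrapped sum lets it through.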




