RFR: JDK-7154662: {CRC32, Adler32}.update(byte[] b, int off, int len): undocumented ArrayIndexOutOfBoundsException
Florian Weimer
fweimer at redhat.com
Fri Aug 16 07:54:06 UTC 2013
On 08/15/2013 07:05 PM, Xueming Shen wrote:
> On 08/15/2013 05:15 AM, Florian Weimer wrote:
>> On 08/14/2013 11:33 PM, Chris Hegarty wrote:
>>>
>>> > * @throws ArrayIndexOutOfBoundsException
>>> > * if the {@code off} is negative, or the {@code len} is
>>> > * negative, or the {@code off+len} is greater than the
>>> > * length of the array {@code b}
>>>
>>> I agree that specifying this in CRC32 and Adler32 is the right thing to
>>> do. Trivially I'd drop the 'the' before the arguments, or maybe take the
>>> wording from InputStream.read(byte[],int,int) :
>>>
>>> "If off is negative, len is negative, or len is greater than b.length
>>> - off"
>>
>> The InputStream wording is much better because it correctly covers the
>> off + len < 0 case. :-)
> The one I have (without that "the") is the outputstream version. I would
> assume it is equivalent to the inputstream version, given we have
> excluded the off < 0 and len < 0 cases :-)
It's not because off + len can overflow and turn into a negative value
even if both operands are positive. To me, using {@code ...} strongly
suggests Java semantics.
(I might be wrong about this—I have made incorrect suggestions related
to integer overflow detection in the past.)
--
Florian Weimer / Red Hat Product Security Team
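
The two wordings compared under Java int arithmetic, as an added example (not part of the original message or of the JDK change under review). The class name, method names and sample values are constructed for illustration; Objects.checkFromIndexSize is a later JDK API (Java 9 and later) that the thread does not discuss.

```java
import java.util.Objects;

public class BoundsCheckOverflow {
    // Wording from the proposed javadoc: "off+len is greater than the length of b".
    // In Java int arithmetic, off + len can wrap around to a negative value.
    static boolean rejectsSumForm(byte[] b, int off, int len) {
        return off < 0 || len < 0 || off + len > b.length;
    }

    // Wording from InputStream.read(byte[],int,int): "len is greater than
    // b.length - off". With off >= 0 already checked, b.length - off cannot overflow.
    static boolean rejectsDifferenceForm(byte[] b, int off, int len) {
        return off < 0 || len < 0 || len > b.length - off;
    }

    // Objects.checkFromIndexSize (Java 9 and later) performs the same range check.
    static boolean rejectsLibraryCheck(byte[] b, int off, int len) {
        try {
            Objects.checkFromIndexSize(off, len, b.length);
            return false;
        } catch (IndexOutOfBoundsException e) {
            return true;
        }
    }

    public static void main(String[] args) {
        byte[] b = new byte[16];        // constructed sample buffer
        int[][] cases = {               // constructed (off, len) pairs
            {0, 16},                    // in range: the whole array
            {8, 9},                     // out of range, no overflow
            {Integer.MAX_VALUE, 1},     // out of range, off + len wraps negative
            {1 << 30, 1 << 30},         // out of range, off + len wraps negative
        };
        System.out.printf("%12s %12s %12s %6s %6s %6s%n",
                "off", "len", "off+len", "sum", "diff", "lib");
        for (int[] c : cases) {
            System.out.printf("%12d %12d %12d %6b %6b %6b%n",
                    c[0], c[1], c[0] + c[1],
                    rejectsSumForm(b, c[0], c[1]),
                    rejectsDifferenceForm(b, c[0], c[1]),
                    rejectsLibraryCheck(b, c[0], c[1]));
        }
    }
}
```

The "sum" column is the only one that accepts the last two rows, which is the case the javadoc wording needs to exclude.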