RFR [7129312] BufferedInputStream calculates negative array size with large streams and mark
Ivan Gerasimov
ivan.gerasimov at oracle.com
Fri Aug 16 13:12:33 UTC 2013
Hello everybody!
It was reported that BufferedInputStream#read() method may throw
NegativeArraySizeException.
This is due to doubling the buffer size in the fill() method without
checking for a possible overflow.
BUG: http://bugs.sun.com/view_bug.do?bug_id=7129312
Affected versions of jdk are 6, 7 and 8
Would you please help review a fix?
http://cr.openjdk.java.net/~igerasim/7129312/0/webrev/
It uses approach similar to what was suggested for 8020669: The
maximumBufferSize = (Integer.MAX_INTEGER - 8) constant is introduced and
we don't make attempts to allocate a bigger array.
Please note, that the sample code as it was originally reported still
doesn't work. That's because that setting
buffStream.mark(Integer.MAX_VALUE) actually means that buffStream will
have to try to allocate an array of that size given a large enough input.
Sincerely yours,
Ivan
More information about the core-libs-dev
mailing list