[9] RFR 8163518: Integer overflow in StringBufferInputStream.read(byte[], int, int) and CharArrayReader.read(char[], int, int)
Aleksey Shipilev
aleksey.shipilev at gmail.com
Wed Aug 10 19:54:04 UTC 2016
On 08/10/2016 10:40 PM, Aleksey Shipilev wrote:
> On 08/10/2016 08:55 PM, Ivan Gerasimov wrote:
>> http://cr.openjdk.java.net/~igerasim/8163518/01/webrev/
>>
>> Would you please help review it once again?
>
> I wonder, shouldn't it be (n <= k) here:
>
> 164 long k = count - pos;
> 165 if (n < k) {
> 166 k = (n <= 0) ? 0 : n;
> 167 }
> 168 pos += k;
> 169 return k;
>
> "k" is the max number of chars to skip. It should be possible to skip
> all remaining chars when (n == k), right?
Wait, the code confused me. Of course, when (n == k), we have a proper
"k" already. Suggestion: let's not be overly cunning, and do a clearly
understandable boundary recovery:
long k = count - pos;
if (n > k) { // overflow
n = k;
}
if (n < 0) { // underflow
n = 0;
}
pos += n;
return n;
This is similar to other two changed pieces.
Thanks,
-Aleksey
More information about the core-libs-dev
mailing list