RFR [9]8134424: BlockDataInputStream.readUTFBody: examine sizing local StringBuffer with the given length

[Aleksey Shipilev]

On 09.02.2016 00:40, Chris Hegarty wrote:
> And of course, this should read...
> 
> 
>> On 8 Feb 2016, at 15:34, Chris Hegarty <chris.hegarty at oracle.com> wrote:
>>
>> It was suggested to me off-list that the implementation should choose a
>> reasonable initial capacity value ,to size the StringBuilder, rather than
>> the value read from the stream ( in case of bad or corrupt data ). So the 
>> proposed changes are:
>>
>> diff --git a/src/java.base/share/classes/java/io/ObjectInputStream.java b/src/java.base/share/classes/java/io/ObjectInputStream.java
>> --- a/src/java.base/share/classes/java/io/ObjectInputStream.java
>> +++ b/src/java.base/share/classes/java/io/ObjectInputStream.java
>> @@ -3144,7 +3144,9 @@
>>          * utflen bytes.
>>          */
>>         private String readUTFBody(long utflen) throws IOException {
>> -            StringBuilder sbuf = new StringBuilder();
>> +            // a reasonably initial capacity based on the UTF length
>> +            int initialCapacity = Math.min((int)utflen, 16384);
>> +            StringBuilder sbuf = new StringBuilder(initialCapacity);
>>             if (!blkmode) {
>>                 end = pos = 0;
>>             }

Still, the corrupted stream may call readUTFBody(1L +
Integer.MAX_VALUE), that yields initial capacity of -2147483648, which
in turn fails StringBuilder(...) with NegativeArraySizeException. But I
wonder if that is actually a valid UTF8 input, because you cannot have
that large of a String...

-Aleksey