[11] RFR 8194879 : Runtime.Version parses string which does not conform to spec without throwing IAE
Brent Christian
brent.christian at oracle.com
Tue Jan 16 21:21:45 UTC 2018
Hi,
Please review this version string parsing fix for Runtime.Version.
Issue:
https://bugs.openjdk.java.net/browse/JDK-8194879
Webrev:
http://cr.openjdk.java.net/~bchristi/8194879/webrev.00/index.html
From the bug:
--
"As per the specification of Runtime.Version:
A version string, $VSTR, is a version number $VNUM, as described above,
optionally followed by pre-release and build information, in one of the
following formats:
1. $VNUM(-$PRE)?\+$BUILD(-$OPT)?
2. $VNUM-$PRE(-$OPT)?
3. $VNUM(+-$OPT)?
So an example of "10--ea" does not confirm to any of the above regex's."
--
For "10--ea", the leading '-' gets picked up, and OPT (which allows the
'-' character) gets set to "-ea". So the pattern matching of the
elements appears to happen as intended.
A case can be added in the parse() code to disallow this (case #2 with
an OPT present, but no PRE).
Thanks,
-Brent
More information about the core-libs-dev
mailing list