[11] RFR 8194879 : Runtime.Version parses string which does not conform to spec without throwing IAE
Roger Riggs
Roger.Riggs at Oracle.com
Wed Jan 17 15:04:56 UTC 2018
Hi Brent,
The bug number should be added to the @bug line in the test.
Thanks, Roger
On 1/16/2018 4:21 PM, Brent Christian wrote:
> Hi,
>
> Please review this version string parsing fix for Runtime.Version.
>
> Issue:
> https://bugs.openjdk.java.net/browse/JDK-8194879
> Webrev:
> http://cr.openjdk.java.net/~bchristi/8194879/webrev.00/index.html
>
> From the bug:
> --
> "As per the specification of Runtime.Version:
>
> A version string, $VSTR, is a version number $VNUM, as described
> above, optionally followed by pre-release and build information, in
> one of the following formats:
>
> 1. $VNUM(-$PRE)?\+$BUILD(-$OPT)?
> 2. $VNUM-$PRE(-$OPT)?
> 3. $VNUM(+-$OPT)?
>
> So an example of "10--ea" does not confirm to any of the above regex's."
> --
>
> For "10--ea", the leading '-' gets picked up, and OPT (which allows
> the '-' character) gets set to "-ea". So the pattern matching of the
> elements appears to happen as intended.
>
> A case can be added in the parse() code to disallow this (case #2 with
> an OPT present, but no PRE).
>
> Thanks,
> -Brent
More information about the core-libs-dev
mailing list