RFR: 8263509: LdapSchemaParser.readNextTag checks array length incorrectly
Thomas Stuefe
stuefe at openjdk.java.net
Fri Mar 12 16:13:16 UTC 2021
On Fri, 12 Mar 2021 13:25:31 GMT, Aleksey Shipilev <shade at openjdk.org> wrote:
> SonarCloud rightfully says:
> The length of "values" is always ">=0", so update this test to either "==0" or ">0".
>
> // make sure at least one value was returned
> if(values.length < 0) { // <--- here
> throw new InvalidAttributeValueException("no values for " +
> "attribute "" +
> tagName + """);
> }
>
> There is a subsequent access to values[0], which means the failure would throw `AIOOB`, not `InvalidAttributeValueException`.
>
> Additional testing:
> - [x] Linux x86_64 fastdebug, `com/sun/jndi`
Seems fine. Lets hope no caller relies on this throwing AIOOBE.
..Thomas
-------------
Marked as reviewed by stuefe (Reviewer).
PR: https://git.openjdk.java.net/jdk/pull/2968
More information about the core-libs-dev
mailing list