RFR: 8263509: LdapSchemaParser.readNextTag checks array length incorrectly

Aleksey Shipilev shade at openjdk.java.net
Tue Mar 16 08:59:04 UTC 2021


On Fri, 12 Mar 2021 15:28:03 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:

>> SonarCloud rightfully says:
>>   The length of "values" is always ">=0", so update this test to either "==0" or ">0".
>> 
>>         // make sure at least one value was returned
>>         if(values.length < 0) { // <--- here
>>             throw new InvalidAttributeValueException("no values for " +
>>                                                      "attribute "" +
>>                                                      tagName + """);
>>         }
>> 
>> There is a subsequent access to values[0], which means the failure would throw `AIOOB`, not `InvalidAttributeValueException`.
>> 
>> Additional testing:
>>  - [x] Linux x86_64 fastdebug, `com/sun/jndi`
>
> Seems fine. Lets hope no caller relies on this throwing AIOOBE. 
> 
> ..Thomas

> This looks right but I'm surprised it isn't caught by tests (@AlekseiEfimov - do you have suggests for tests that would be useful to add here?)

Can we go without adding tests here? This seems quite trivial.

-------------

PR: https://git.openjdk.java.net/jdk/pull/2968


More information about the core-libs-dev mailing list