commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pascalschumac...@apache.org
Subject [1/2] [lang] LANG-1287: RandomStringUtils#random can enter infinite loop if end parameter is to small (closes #211)
Date Fri, 18 Nov 2016 15:52:46 GMT
Repository: commons-lang
Updated Branches:
  refs/heads/master b0bcf4f60 -> d2cc78e2d


LANG-1287: RandomStringUtils#random can enter infinite loop if end parameter is to small (closes
#211)

1.) Fixed possible infinite loop that can be caused by generating either digits or letters
by calling with a to low end param.

2.) Added (inclusive) and (exclusive) terms to javadoc of random method


Project: http://git-wip-us.apache.org/repos/asf/commons-lang/repo
Commit: http://git-wip-us.apache.org/repos/asf/commons-lang/commit/695342cb
Tree: http://git-wip-us.apache.org/repos/asf/commons-lang/tree/695342cb
Diff: http://git-wip-us.apache.org/repos/asf/commons-lang/diff/695342cb

Branch: refs/heads/master
Commit: 695342cb1cef42f30fd1a8496f181c92b21ae82d
Parents: b0bcf4f
Author: Ivan Morozov <ivan.morozov@kreditech.com>
Authored: Tue Nov 15 11:49:11 2016 +0100
Committer: pascalschumacher <pascalschumacher@gmx.net>
Committed: Fri Nov 18 16:51:23 2016 +0100

----------------------------------------------------------------------
 .../org/apache/commons/lang3/RandomStringUtils.java  | 15 +++++++++++++--
 .../apache/commons/lang3/RandomStringUtilsTest.java  |  8 ++++++++
 2 files changed, 21 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/commons-lang/blob/695342cb/src/main/java/org/apache/commons/lang3/RandomStringUtils.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/commons/lang3/RandomStringUtils.java b/src/main/java/org/apache/commons/lang3/RandomStringUtils.java
index 84b30fd..b76e269 100644
--- a/src/main/java/org/apache/commons/lang3/RandomStringUtils.java
+++ b/src/main/java/org/apache/commons/lang3/RandomStringUtils.java
@@ -327,8 +327,8 @@ public class RandomStringUtils {
      * and predictably.</p>
      *
      * @param count  the length of random string to create
-     * @param start  the position in set of chars to start at
-     * @param end  the position in set of chars to end before
+     * @param start  the position in set of chars to start at (inclusive)
+     * @param end  the position in set of chars to end before (exclusive)
      * @param letters  only allow letters?
      * @param numbers  only allow numbers?
      * @param chars  the set of chars to choose randoms from, must not be empty.
@@ -368,6 +368,17 @@ public class RandomStringUtils {
             }
         }
 
+        final int zero_digit_ascii = 48;
+        final int first_letter_ascii = 65;
+
+        if (chars == null) {
+            if (numbers && end <= zero_digit_ascii
+                    || letters && end <= first_letter_ascii) {
+                throw new IllegalArgumentException("Parameter end (" + end + ") must be greater
then (" + zero_digit_ascii + ") for generating digits " +
+                        "or greater then (" + first_letter_ascii + ") for generating letters.");
+            }
+        }
+
         final char[] buffer = new char[count];
         final int gap = end - start;
 

http://git-wip-us.apache.org/repos/asf/commons-lang/blob/695342cb/src/test/java/org/apache/commons/lang3/RandomStringUtilsTest.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/commons/lang3/RandomStringUtilsTest.java b/src/test/java/org/apache/commons/lang3/RandomStringUtilsTest.java
index 28c014b..4aff749 100644
--- a/src/test/java/org/apache/commons/lang3/RandomStringUtilsTest.java
+++ b/src/test/java/org/apache/commons/lang3/RandomStringUtilsTest.java
@@ -206,6 +206,14 @@ public class RandomStringUtilsTest {
             RandomStringUtils.random(-1, 'a', 'z', false, false, DUMMY, new Random());
             fail();
         } catch (final IllegalArgumentException ex) {}
+        try {
+            RandomStringUtils.random(8, 32, 48, false, true);
+            fail();
+        } catch (final IllegalArgumentException ex) {}
+        try {
+            RandomStringUtils.random(8, 32, 65, true, false);
+            fail();
+        } catch (final IllegalArgumentException ex) {}
     }
     
     /**


Mime
View raw message