commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benedikt Ritter (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (IO-429) ByteArrayInputStream can overflow
Date Wed, 12 Mar 2014 18:38:43 GMT

     [ https://issues.apache.org/jira/browse/IO-429?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Benedikt Ritter updated IO-429:
-------------------------------

    Component/s: Utilities

> ByteArrayInputStream can overflow
> ---------------------------------
>
>                 Key: IO-429
>                 URL: https://issues.apache.org/jira/browse/IO-429
>             Project: Commons IO
>          Issue Type: Bug
>          Components: Utilities
>            Reporter: Fabian Lange
>
> There are many places involved in the problem, and a good fix might be problematic performance
wise.
> For example:
> IOUtils.toByteArray(InputStream input) invoked with a Stream which feeds more than Integer.MAX_VALUE
bytes will either crash with NegativeArraySizeException or maybe worse overflow in such a
way that it returns fine (but only with partial data)
> The ByteArrayOutputStream will happily consume the full stream but "int count" will overflow.
At some point then toByteArray is invoked which will do like new byte[count].
> maybe "needNewBuffer" can throw the IllegalArgumentException, as it gets  the count and
could check for the overflow.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message