commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benedikt Ritter (JIRA)" <>
Subject [jira] [Updated] (IO-429) ByteArrayInputStream can overflow
Date Wed, 12 Mar 2014 18:38:43 GMT


Benedikt Ritter updated IO-429:

    Component/s: Utilities

> ByteArrayInputStream can overflow
> ---------------------------------
>                 Key: IO-429
>                 URL:
>             Project: Commons IO
>          Issue Type: Bug
>          Components: Utilities
>            Reporter: Fabian Lange
> There are many places involved in the problem, and a good fix might be problematic performance
> For example:
> IOUtils.toByteArray(InputStream input) invoked with a Stream which feeds more than Integer.MAX_VALUE
bytes will either crash with NegativeArraySizeException or maybe worse overflow in such a
way that it returns fine (but only with partial data)
> The ByteArrayOutputStream will happily consume the full stream but "int count" will overflow.
At some point then toByteArray is invoked which will do like new byte[count].
> maybe "needNewBuffer" can throw the IllegalArgumentException, as it gets  the count and
could check for the overflow.

This message was sent by Atlassian JIRA

View raw message