commons-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aman Agarwal <>
Subject [lang] StringUtils.equals bug on non-Strings with identical leading prefix
Date Mon, 10 Aug 2015 18:14:17 GMT
StringUtils.equals(cs1,cs2) delegates to CharSequence.regionMatches(...) in a way that causes
IndexOutOfBounds when either of cs1/cs2 isn't a String.

Specifically, comparing "foo" and "foobar" for non-String CharSequences bombs due to CharSequenceUtils.regionMatches(cs1,
false, 0, cs2, 0, Math.max(cs1.length(), cs2.length())) because regionMatches doesn't check
for input exhaustion.

Bug appears in default.

-          Aman

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message