db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kahat...@apache.org
Subject svn commit: r673610 - /db/derby/code/trunk/java/engine/org/apache/derby/iapi/services/io/ArrayInputStream.java
Date Thu, 03 Jul 2008 08:14:17 GMT
Author: kahatlen
Date: Thu Jul  3 01:14:16 2008
New Revision: 673610

URL: http://svn.apache.org/viewvc?rev=673610&view=rev
Log:
DERBY-3739: Skip and read methods in ArrayInputStream may overflow

Changed checks in read() and in readFully() so that they are not
vulnerable to integer overflow.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/services/io/ArrayInputStream.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/services/io/ArrayInputStream.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/services/io/ArrayInputStream.java?rev=673610&r1=673609&r2=673610&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/services/io/ArrayInputStream.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/services/io/ArrayInputStream.java
Thu Jul  3 01:14:16 2008
@@ -105,15 +105,19 @@
 	}
 
 	public int read(byte b[], int off, int len) throws IOException {
+        final int available = available();
 
-		if ((position + len) > end) {
+        if (len > available) {
+            // attempted to read more bytes than available
 
-			len = end - position;
+            if (available == 0) {
+                // no bytes available, return -1 to report end of file
+                return -1;
+            }
 
-			if (len == 0) {
-				return -1; // end of file
-			}
-		}
+            // read all the available bytes
+            len = available;
+        }
 
 		System.arraycopy(pageData, position, b, off, len);
 		position += len;
@@ -214,8 +218,7 @@
 
     public final void readFully(byte b[], int off, int len) throws IOException {
 
-		if ((position + len) > end) {
-
+		if (len > available()) {
 			throw new EOFException();
 		}
 



Mime
View raw message