harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Zhang" <zhanghuang...@gmail.com>
Subject Re: [classlib][security] Exception compatibility
Date Tue, 05 Sep 2006 01:16:42 GMT
On 9/4/06, Boris Kuznetsov <boris.v.kuznetsov@gmail.com> wrote:
>
> Usually Harmony behavior is compared with RI behavior. But in security
> area RI behavior depends on provider. With different providers RI
> behave differently.
>
> For example, RI passes incorrect method arguments to provider. In such
> cases provider may throw exception (e.g. DigestException or
> IllegalArgumentException) or some RuntimeException (e.g.
> ArrayIndexOutOfBoundsException) may be thrown during the execution.
> Here is example.
>
> There are number of methods with arguments like (byte[] buf, int
> offset, int len). RI doesn't check if offset and len are negative but
> Harmony does, so we have difference in behavior (see Harmony-1120,
> 1148): on combination RI + provider application gets provider specific
> exception, but on Harmony + provider - IllegalArgumentException (as in
> other invalid parameters cases).
>
> So we have two options:
> 1. Fix Harmony (remove negative parameters checks)
> 2. Don't fix. Throw IllegalArgumentException for invalid parameters.
> Document as non-bug difference from RI.
>
> Note, specification doesn't describe implementation behavior for
> invalid arguments, but RI also throws IllegalArgumentException if
> ofsset+len > buf.length. So throwing of IllegalArgumentException in
> Harmony can't break any application.
>
> I suggest option 2.


I like option1. Why not just pass all parameters to provider as RI, and let
the provider determine the behaviour?


Thoughts?
>
> Thanks,
> Boris
>
> ---------------------------------------------------------------------
> Terms of use : http://incubator.apache.org/harmony/mailing.html
> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> For additional commands, e-mail: harmony-dev-help@incubator.apache.org
>
>


-- 
Andrew Zhang
China Software Development Lab, IBM

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message