harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Denis Kishenko" <dkishe...@gmail.com>
Subject Re: [classlib][security] Exception compatibility
Date Tue, 05 Sep 2006 08:23:11 GMT
By the way, people what do you think about HARMONY-1110?

Problem is we have to reproduce behavior of pattern parser without
specification. There is only one example in Java doc which doesn't
allow understand when pattern is incorrect.

2006/9/5, Denis Kishenko <dkishenko@gmail.com>:
> Boris thank you for your question. I asked myself the same question
> and choose the same answer as you. Unfortunately as people wrote above
> we were wrong and they are reasonable.
>
> I have already written patch for HARMONY-1120 to follow RI behavior.
>
> 2006/9/5, Stepan Mishura <stepan.mishura@gmail.com>:
> > On 9/4/06, Boris Kuznetsov wrote:
> > >
> > > Usually Harmony behavior is compared with RI behavior. But in security
> > > area RI behavior depends on provider. With different providers RI
> > > behave differently.
> > >
> > > For example, RI passes incorrect method arguments to provider. In such
> > > cases provider may throw exception (e.g. DigestException or
> > > IllegalArgumentException) or some RuntimeException (e.g.
> > > ArrayIndexOutOfBoundsException) may be thrown during the execution.
> > > Here is example.
> > >
> > > There are number of methods with arguments like (byte[] buf, int
> > > offset, int len). RI doesn't check if offset and len are negative but
> > > Harmony does, so we have difference in behavior (see Harmony-1120,
> > > 1148): on combination RI + provider application gets provider specific
> > > exception, but on Harmony + provider - IllegalArgumentException (as in
> > > other invalid parameters cases).
> > >
> > > So we have two options:
> > > 1. Fix Harmony (remove negative parameters checks)
> > > 2. Don't fix. Throw IllegalArgumentException for invalid parameters.
> > > Document as non-bug difference from RI.
> >
> >
> > Hi, Boris.
> >
> > We agreed to be exceptions-compatible with RI so we would have chosen the
> > first option. But I think that the first option is not suitable. I'll try to
> > explain why. I have a look at MessageDigest.java and mentioned JIRAs: so
> > there are 4 cases when parameters are invalid and an implementation has to
> > check if:
> > 1) buf - is null
> > 2) offset < 0
> > 3) len < 0
> > 4) offset + len > buf's len
> >
> > The first option means that we have to remove 2 and 3 checks. And leave 1
> > and 4 as RI does. But 4 check is meaningless without 2 and 3. IOW, it is
> > only valid if offset and len params are correct. IMO chosing the first
> > option is copying inconsistent behaviour. So I vote for the second option.
> >
> > Thanks,
> > Stepan.
> >
> > Note, specification doesn't describe implementation behavior for
> > > invalid arguments, but RI also throws IllegalArgumentException if
> > > ofsset+len > buf.length. So throwing of IllegalArgumentException in
> > > Harmony can't break any application.
> > >
> > > I suggest option 2.
> > > Thoughts?
> > >
> > > Thanks,
> > > Boris
> > >
> > > ------------------------------------------------------
> > Terms of use : http://incubator.apache.org/harmony/mailing.html
> > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> > For additional commands, e-mail: harmony-dev-help@incubator.apache.org
> >
> >
>
>
> --
> Denis M. Kishenko
> Intel Middleware Products Division
>


-- 
Denis M. Kishenko
Intel Middleware Products Division

---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org


Mime
View raw message