harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mikhail Loenko" <mloe...@gmail.com>
Subject Re: [classlib][security] Exception compatibility
Date Tue, 05 Sep 2006 08:29:31 GMT
let's talk about it on a different thread

2006/9/5, Denis Kishenko <dkishenko@gmail.com>:
> By the way, people what do you think about HARMONY-1110?
>
> Problem is we have to reproduce behavior of pattern parser without
> specification. There is only one example in Java doc which doesn't
> allow understand when pattern is incorrect.
>
> 2006/9/5, Denis Kishenko <dkishenko@gmail.com>:
> > Boris thank you for your question. I asked myself the same question
> > and choose the same answer as you. Unfortunately as people wrote above
> > we were wrong and they are reasonable.
> >
> > I have already written patch for HARMONY-1120 to follow RI behavior.
> >
> > 2006/9/5, Stepan Mishura <stepan.mishura@gmail.com>:
> > > On 9/4/06, Boris Kuznetsov wrote:
> > > >
> > > > Usually Harmony behavior is compared with RI behavior. But in security
> > > > area RI behavior depends on provider. With different providers RI
> > > > behave differently.
> > > >
> > > > For example, RI passes incorrect method arguments to provider. In such
> > > > cases provider may throw exception (e.g. DigestException or
> > > > IllegalArgumentException) or some RuntimeException (e.g.
> > > > ArrayIndexOutOfBoundsException) may be thrown during the execution.
> > > > Here is example.
> > > >
> > > > There are number of methods with arguments like (byte[] buf, int
> > > > offset, int len). RI doesn't check if offset and len are negative but
> > > > Harmony does, so we have difference in behavior (see Harmony-1120,
> > > > 1148): on combination RI + provider application gets provider specific
> > > > exception, but on Harmony + provider - IllegalArgumentException (as in
> > > > other invalid parameters cases).
> > > >
> > > > So we have two options:
> > > > 1. Fix Harmony (remove negative parameters checks)
> > > > 2. Don't fix. Throw IllegalArgumentException for invalid parameters.
> > > > Document as non-bug difference from RI.
> > >
> > >
> > > Hi, Boris.
> > >
> > > We agreed to be exceptions-compatible with RI so we would have chosen the
> > > first option. But I think that the first option is not suitable. I'll try to
> > > explain why. I have a look at MessageDigest.java and mentioned JIRAs: so
> > > there are 4 cases when parameters are invalid and an implementation has to
> > > check if:
> > > 1) buf - is null
> > > 2) offset < 0
> > > 3) len < 0
> > > 4) offset + len > buf's len
> > >
> > > The first option means that we have to remove 2 and 3 checks. And leave 1
> > > and 4 as RI does. But 4 check is meaningless without 2 and 3. IOW, it is
> > > only valid if offset and len params are correct. IMO chosing the first
> > > option is copying inconsistent behaviour. So I vote for the second option.
> > >
> > > Thanks,
> > > Stepan.
> > >
> > > Note, specification doesn't describe implementation behavior for
> > > > invalid arguments, but RI also throws IllegalArgumentException if
> > > > ofsset+len > buf.length. So throwing of IllegalArgumentException in
> > > > Harmony can't break any application.
> > > >
> > > > I suggest option 2.
> > > > Thoughts?
> > > >
> > > > Thanks,
> > > > Boris
> > > >
> > > > ------------------------------------------------------
> > > Terms of use : http://incubator.apache.org/harmony/mailing.html
> > > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> > > For additional commands, e-mail: harmony-dev-help@incubator.apache.org
> > >
> > >
> >
> >
> > --
> > Denis M. Kishenko
> > Intel Middleware Products Division
> >
>
>
> --
> Denis M. Kishenko
> Intel Middleware Products Division
>
> ---------------------------------------------------------------------
> Terms of use : http://incubator.apache.org/harmony/mailing.html
> To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
> For additional commands, e-mail: harmony-dev-help@incubator.apache.org
>
>

---------------------------------------------------------------------
Terms of use : http://incubator.apache.org/harmony/mailing.html
To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org
For additional commands, e-mail: harmony-dev-help@incubator.apache.org


Mime
View raw message