Return-Path: Delivered-To: apmail-incubator-harmony-dev-archive@www.apache.org Received: (qmail 11201 invoked from network); 5 Sep 2006 08:01:12 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 5 Sep 2006 08:01:12 -0000 Received: (qmail 19807 invoked by uid 500); 5 Sep 2006 08:01:09 -0000 Delivered-To: apmail-incubator-harmony-dev-archive@incubator.apache.org Received: (qmail 19750 invoked by uid 500); 5 Sep 2006 08:01:09 -0000 Mailing-List: contact harmony-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: harmony-dev@incubator.apache.org Delivered-To: mailing list harmony-dev@incubator.apache.org Received: (qmail 19739 invoked by uid 99); 5 Sep 2006 08:01:09 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Sep 2006 01:01:09 -0700 X-ASF-Spam-Status: No, hits=0.5 required=10.0 tests=DNS_FROM_RFC_ABUSE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of mloenko@gmail.com designates 64.233.162.199 as permitted sender) Received: from [64.233.162.199] (HELO nz-out-0102.google.com) (64.233.162.199) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Sep 2006 01:01:08 -0700 Received: by nz-out-0102.google.com with SMTP id v1so1041274nzb for ; Tue, 05 Sep 2006 01:00:48 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=azSpCGcp8zyUppkffXESKrhTM9IKo4fb6Nh1qBf/hbUg4h9agFYJcTtSPwaQPmNOKX9w8V+mmivhc+dgTkjnA2CkkHT/gk4ajVZsDnqoYktAGEc6vziiFm9PMD0TVxfnOduPwTwT82EULZX5PrTiat5azuIOrpnUzX2hyT2sHME= Received: by 10.65.157.13 with SMTP id j13mr4274347qbo; Tue, 05 Sep 2006 01:00:47 -0700 (PDT) Received: by 10.65.155.13 with HTTP; Tue, 5 Sep 2006 01:00:47 -0700 (PDT) Message-ID: <906dd82e0609050100s1c1f03a2lfeddbad2f52c911b@mail.gmail.com> Date: Tue, 5 Sep 2006 15:00:47 +0700 From: "Mikhail Loenko" To: harmony-dev@incubator.apache.org Subject: Re: [classlib][security] Exception compatibility In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N IMHO we should look from the perspective of migrating the apps. So let's try to make behavior of "Harmony + BC provider" close to "Sun + Sun's provider" If without the checks the combination Harmony+BC works similar to Sun+Sun's provider, then let's remove the checks. Otherwise let's keep it to make the behavior at least logical. Thanks, Mikhail 2006/9/4, Boris Kuznetsov : > Usually Harmony behavior is compared with RI behavior. But in security > area RI behavior depends on provider. With different providers RI > behave differently. > > For example, RI passes incorrect method arguments to provider. In such > cases provider may throw exception (e.g. DigestException or > IllegalArgumentException) or some RuntimeException (e.g. > ArrayIndexOutOfBoundsException) may be thrown during the execution. > Here is example. > > There are number of methods with arguments like (byte[] buf, int > offset, int len). RI doesn't check if offset and len are negative but > Harmony does, so we have difference in behavior (see Harmony-1120, > 1148): on combination RI + provider application gets provider specific > exception, but on Harmony + provider - IllegalArgumentException (as in > other invalid parameters cases). > > So we have two options: > 1. Fix Harmony (remove negative parameters checks) > 2. Don't fix. Throw IllegalArgumentException for invalid parameters. > Document as non-bug difference from RI. > > Note, specification doesn't describe implementation behavior for > invalid arguments, but RI also throws IllegalArgumentException if > ofsset+len > buf.length. So throwing of IllegalArgumentException in > Harmony can't break any application. > > I suggest option 2. > Thoughts? > > Thanks, > Boris > > --------------------------------------------------------------------- > Terms of use : http://incubator.apache.org/harmony/mailing.html > To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org > For additional commands, e-mail: harmony-dev-help@incubator.apache.org > > --------------------------------------------------------------------- Terms of use : http://incubator.apache.org/harmony/mailing.html To unsubscribe, e-mail: harmony-dev-unsubscribe@incubator.apache.org For additional commands, e-mail: harmony-dev-help@incubator.apache.org