RFR: JDK-7154662: {CRC32, Adler32}.update(byte[] b, int off, int len): undocumented ArrayIndexOutOfBoundsException

Florian Weimer fweimer at redhat.com
Fri Aug 16 07:54:06 UTC 2013

On 08/15/2013 07:05 PM, Xueming Shen wrote:
> On 08/15/2013 05:15 AM, Florian Weimer wrote:
>> On 08/14/2013 11:33 PM, Chris Hegarty wrote:
>>> > * @throws  ArrayIndexOutOfBoundsException
>>> > *          if the {@code off} is negative, or the {@code len} is
>>> > *          negative, or the {@code off+len} is greater than the
>>> > *          length of the array {@code b}
>>> I agree that specifying this in CRC32 and Adler32 is the right thing to
>>> do. Trivially I'd drop the 'the' before the arguments, or maybe take the
>>> wording from InputStream.read(byte[],int,int) :
>>>    "If off is negative, len is negative, or len is greater than b.length
>>>     - off"
>> The InputStream wording is much better because it correctly covers the
>> off + len < 0 case. :-)

> The one I have (without that "the") is the outputstream version. I would
> assume it is equivalent to the inputstream version, given we have
> excluded the off < 0 and len < 0 cases :-)

It's not because off + len can overflow and turn into a negative value 
even if both operands are positive.  To me, using {@code ...} strongly 
suggests Java semantics.

(I might be wrong about this—I have made incorrect suggestions related 
to integer overflow detection in the past.)

Florian Weimer / Red Hat Product Security Team
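
The difference between the two wordings under Java `int` semantics, as an added example that is not part of the original message or of the JDK change under review. The class and method names are hypothetical, and the array length and argument values are constructed.

```java
public class RangeCheckOverflow {
    // The check as the "off+len is greater than the length" wording reads
    // when evaluated with Java int arithmetic: off + len can wrap negative.
    static boolean naiveRejects(int bLength, int off, int len) {
        return off < 0 || len < 0 || off + len > bLength;
    }

    // The check as InputStream.read(byte[],int,int) words it:
    // "len is greater than b.length - off". With off >= 0 and
    // bLength >= 0 the subtraction cannot overflow.
    static boolean safeRejects(int bLength, int off, int len) {
        return off < 0 || len < 0 || len > bLength - off;
    }

    public static void main(String[] args) {
        int bLength = 16; // constructed array length
        int[][] cases = {
            {0, 16},                     // exactly fits: both accept
            {8, 9},                      // one past the end: both reject
            {Integer.MAX_VALUE, 1},      // sum wraps to Integer.MIN_VALUE
            {1, Integer.MAX_VALUE},      // same wrap, operands swapped
            {Integer.MAX_VALUE - 3, 8},  // sum wraps to a negative value
        };
        for (int[] c : cases) {
            int off = c[0], len = c[1];
            System.out.printf("off=%d len=%d off+len=%d naiveRejects=%s safeRejects=%s%n",
                    off, len, off + len,
                    naiveRejects(bLength, off, len),
                    safeRejects(bLength, off, len));
        }
    }
}
```

For the last three cases both operands are non-negative, the naive form lets the range through because the wrapped sum is negative, and the subtraction form rejects it.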
