[11] RFR 8194879 : Runtime.Version parses string which does not conform to spec without throwing IAE

Brent Christian brent.christian at oracle.com
Tue Jan 16 21:21:45 UTC 2018


Please review this version string parsing fix for Runtime.Version.


 From the bug:
"As per the specification of Runtime.Version:

A version string, $VSTR, is a version number $VNUM, as described above, 
optionally followed by pre-release and build information, in one of the 
following formats:

        1. $VNUM(-$PRE)?\+$BUILD(-$OPT)?
        2. $VNUM-$PRE(-$OPT)?
        3. $VNUM(+-$OPT)?

So an example of "10--ea" does not confirm to any of the above regex's."

For "10--ea", the leading '-' gets picked up, and OPT (which allows the 
'-' character) gets set to "-ea".  So the pattern matching of the 
elements appears to happen as intended.

A case can be added in the parse() code to disallow this (case #2 with 
an OPT present, but no PRE).


More information about the core-libs-dev mailing list