RFR 8194879 : Runtime.Version parses string which does not conform to spec without throwing IAE
Roger.Riggs at Oracle.com
Wed Jan 17 15:04:56 UTC 2018
The bug number should be added to the @bug line in the test.
On 1/16/2018 4:21 PM, Brent Christian wrote:
> Please review this version string parsing fix for Runtime.Version.
> From the bug:
> "As per the specification of Runtime.Version:
> A version string, $VSTR, is a version number $VNUM, as described
> above, optionally followed by pre-release and build information, in
> one of the following formats:
> 1. $VNUM(-$PRE)?\+$BUILD(-$OPT)?
> 2. $VNUM-$PRE(-$OPT)?
> 3. $VNUM(+-$OPT)?
> So an example of "10--ea" does not confirm to any of the above regex's."
> For "10--ea", the leading '-' gets picked up, and OPT (which allows
> the '-' character) gets set to "-ea". So the pattern matching of the
> elements appears to happen as intended.
> A case can be added in the parse() code to disallow this (case #2 with
> an OPT present, but no PRE).
More information about the core-libs-dev