[IO-429] ByteArrayOutputStream can overflow - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.9.0
Component/s: Utilities
Labels:
None

Description

There are many places involved in the problem, and a good fix might be problematic performance wise.

For example:
IOUtils.toByteArray(InputStream input) invoked with a Stream which feeds more than Integer.MAX_VALUE bytes will either crash with NegativeArraySizeException or maybe worse overflow in such a way that it returns fine (but only with partial data)

The ByteArrayOutputStream will happily consume the full stream but "int count" will overflow. At some point then toByteArray is invoked which will do like new byte[count].

maybe "needNewBuffer" can throw the IllegalArgumentException, as it gets the count and could check for the overflow.

Attachments

Issue Links

links to

Throw IllegalArgumentException in IOUtils.toByteArray

Activity

People

Assignee:: Unassigned

Reporter:: Fabian Lange

Votes:: 1 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 12/Mar/14 14:40

Updated:: 17/May/21 18:29

Resolved:: 16/May/21 15:23

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

3h 20m