Posted to commits@cxf.apache.org by dk...@apache.org on 2022/02/24 18:51:59 UTC
[cxf] 08/15: Use Math.exact to add two ints that might come from user data
This is an automated email from the ASF dual-hosted git repository.
dkulp pushed a commit to branch 3.3.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit 775c21dc45a9f7c8b6dfe5fa619c9037f74e1672
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Thu Feb 3 11:14:39 2022 +0000
Use Math.exact to add two ints that might come from user data
(cherry picked from commit daeafbf9f0817e5b7448c6f9ca930a29ed50bc1e)
(cherry picked from commit e607d5c197aaa07ae213aa129e7bc09003c8804c)
(cherry picked from commit 1a9637692d9887514449a41d114af8dfb1b1e0e6)
---
.../main/java/org/apache/cxf/attachment/Base64DecoderStream.java | 2 +-
.../java/org/apache/cxf/attachment/MimeBodyPartInputStream.java | 6 +++---
.../main/java/org/apache/cxf/common/util/Base64OutputStream.java | 2 +-
core/src/main/java/org/apache/cxf/common/util/Base64Utility.java | 2 +-
core/src/main/java/org/apache/cxf/common/util/CompressionUtils.java | 3 ++-
core/src/main/java/org/apache/cxf/io/ReaderInputStream.java | 2 +-
.../java/org/apache/cxf/transport/websocket/WebSocketUtils.java | 2 +-
7 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/core/src/main/java/org/apache/cxf/attachment/Base64DecoderStream.java b/core/src/main/java/org/apache/cxf/attachment/Base64DecoderStream.java
index 9367db4..9f887bf 100644
--- a/core/src/main/java/org/apache/cxf/attachment/Base64DecoderStream.java
+++ b/core/src/main/java/org/apache/cxf/attachment/Base64DecoderStream.java
@@ -187,6 +187,6 @@ public class Base64DecoderStream extends FilterInputStream {
public int available() throws IOException {
- return ((in.available() / 4) * 3) + decodedCount;
+ return Math.addExact((in.available() / 4) * 3, decodedCount);
}
}
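Review bot: `available()` can now throw an unchecked ArithmeticException, whereas InputStream.available() declares only IOException and returns an estimate. The first operand, `(in.available() / 4) * 3`, cannot overflow on its own, so only the addition of `decodedCount` is at risk. Saturating keeps the contract: `return (int) Math.min(Integer.MAX_VALUE, (long) (in.available() / 4) * 3 + decodedCount);`.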
diff --git a/core/src/main/java/org/apache/cxf/attachment/MimeBodyPartInputStream.java b/core/src/main/java/org/apache/cxf/attachment/MimeBodyPartInputStream.java
index 7d71b45..e0eb57e 100644
--- a/core/src/main/java/org/apache/cxf/attachment/MimeBodyPartInputStream.java
+++ b/core/src/main/java/org/apache/cxf/attachment/MimeBodyPartInputStream.java
@@ -59,11 +59,11 @@ public class MimeBodyPartInputStream extends InputStream {
return 0;
}
boolean bufferCreated = false;
- if (len < boundary.length * 2) {
+ if (len < Math.addExact(boundary.length, boundary.length)) {
//buffer is too short to detect boundaries with it. We'll need to create a larger buffer
bufferCreated = true;
if (boundaryBuffer == null) {
- boundaryBuffer = new byte[boundary.length * 2];
+ boundaryBuffer = new byte[Math.addExact(boundary.length, boundary.length)];
}
b = boundaryBuffer;
off = 0;
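Review bot: `Math.addExact(boundary.length, boundary.length)` is written out three times in this method: twice in this hunk and once in the `while` condition of the next hunk, where it is re-evaluated on every iteration. Computing it once before the first `if`, for example `final int minLen = Math.multiplyExact(boundary.length, 2);`, keeps the three uses in step and states the doubling directly. The method starts and ends outside both hunks, so confirm that `boundary` is not reassigned between the uses before hoisting.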
@@ -74,7 +74,7 @@ public class MimeBodyPartInputStream extends InputStream {
}
int read = 0;
int idx = 0;
- while (read >= 0 && idx < len && idx < (boundary.length * 2)) {
+ while (read >= 0 && idx < len && idx < Math.addExact(boundary.length, boundary.length)) {
//make sure we read enough to detect the boundary
read = inStream.read(b, off + idx, len - idx);
if (read != -1) {
diff --git a/core/src/main/java/org/apache/cxf/common/util/Base64OutputStream.java b/core/src/main/java/org/apache/cxf/common/util/Base64OutputStream.java
index e21c2fa..cddab83 100644
--- a/core/src/main/java/org/apache/cxf/common/util/Base64OutputStream.java
+++ b/core/src/main/java/org/apache/cxf/common/util/Base64OutputStream.java
@@ -82,7 +82,7 @@ public class Base64OutputStream extends FilterOutputStream {
return buf;
}
private byte[] newArray(byte[] src, int srcPos, int srcLen, byte[] src2, int srcPos2, int srcLen2) {
- byte[] buf = new byte[srcLen + srcLen2];
+ byte[] buf = new byte[Math.addExact(srcLen, srcLen2)];
System.arraycopy(src, srcPos, buf, 0, srcLen);
System.arraycopy(src2, srcPos2, buf, srcLen, srcLen2);
return buf;
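Review bot: In `newArray` the change alters only the exception type, and a comment should say why. Two non-negative ints that wrap always produce a negative sum, so `new byte[srcLen + srcLen2]` already failed with NegativeArraySizeException rather than allocating a short buffer. Neither that nor ArithmeticException is an IOException, so callers of this stream's write path get an unchecked exception either way. A comment such as `// addExact: fail fast on int overflow of the combined length` would record the intent. The callers are outside the hunk, so whether the lengths are validated earlier is not visible here.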
diff --git a/core/src/main/java/org/apache/cxf/common/util/Base64Utility.java b/core/src/main/java/org/apache/cxf/common/util/Base64Utility.java
index 0e00f52..6279cff 100644
--- a/core/src/main/java/org/apache/cxf/common/util/Base64Utility.java
+++ b/core/src/main/java/org/apache/cxf/common/util/Base64Utility.java
@@ -161,7 +161,7 @@ public final class Base64Utility {
byte[] ob = new byte[octetCount];
int obcount = 0;
- for (int i = o; i < o + l && i < id.length; i++) {
+ for (int i = o; i < Math.addExact(o, l) && i < id.length; i++) {
if (id[i] == PAD
|| id[i] < BDT.length
&& BDT[id[i]] != Byte.MAX_VALUE) {
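Review bot: The loop condition now calls `Math.addExact(o, l)` on every iteration and throws ArithmeticException for a large `l`, although `i < id.length` already bounds the index. Clamping once before the loop, `final int end = (int) Math.min((long) o + l, id.length);` with the condition reduced to `i < end`, removes the overflow without introducing a new unchecked exception on the decode path. A negative `o` is not rejected in the visible lines and would still reach `id[i]`; the method starts before the hunk, so check whether it is validated there.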
diff --git a/core/src/main/java/org/apache/cxf/common/util/CompressionUtils.java b/core/src/main/java/org/apache/cxf/common/util/CompressionUtils.java
index d07a51e..ea4ce34 100644
--- a/core/src/main/java/org/apache/cxf/common/util/CompressionUtils.java
+++ b/core/src/main/java/org/apache/cxf/common/util/CompressionUtils.java
@@ -70,7 +70,8 @@ public final class CompressionUtils {
compresser.setInput(tokenBytes);
compresser.finish();
- byte[] output = new byte[tokenBytes.length * 2];
+ int tokenBytesLength = tokenBytes.length;
+ byte[] output = new byte[Math.addExact(tokenBytesLength, tokenBytesLength)];
int compressedDataLength = compresser.deflate(output);
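Review bot: The output buffer is sized only from the input length and `deflate(output)` is called once in the visible lines, so the result may be truncated for very short inputs. Twice the input length can be smaller than the fixed overhead a deflate stream carries, and an empty `tokenBytes` gives a zero-length buffer. If the code after the hunk does not loop until `compresser.finished()`, it should either do so or add a small constant floor to the buffer size. Separately, `Math.multiplyExact(tokenBytes.length, 2)` would express the doubling without the extra `tokenBytesLength` local.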
diff --git a/core/src/main/java/org/apache/cxf/io/ReaderInputStream.java b/core/src/main/java/org/apache/cxf/io/ReaderInputStream.java
index 30e7c24..1c8b641 100644
--- a/core/src/main/java/org/apache/cxf/io/ReaderInputStream.java
+++ b/core/src/main/java/org/apache/cxf/io/ReaderInputStream.java
@@ -224,7 +224,7 @@ public class ReaderInputStream extends InputStream {
if (b == null) {
throw new NullPointerException("Byte array must not be null");
}
- if (len < 0 || off < 0 || (off + len) > b.length) {
+ if (len < 0 || off < 0 || Math.addExact(off, len) > b.length) {
throw new IndexOutOfBoundsException("Array Size=" + b.length
+ ", offset=" + off + ", length=" + len);
}
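Review bot: On overflow this bounds check now throws ArithmeticException instead of the IndexOutOfBoundsException that the branch below builds and that InputStream.read documents for bad `off`/`len`. Since `len < 0` and `off < 0` are rejected first, the comparison can be written without any addition: `if (len < 0 || off < 0 || len > b.length - off) {`. That form cannot overflow and keeps the existing exception type and message for every invalid combination.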
diff --git a/rt/transports/websocket/src/main/java/org/apache/cxf/transport/websocket/WebSocketUtils.java b/rt/transports/websocket/src/main/java/org/apache/cxf/transport/websocket/WebSocketUtils.java
index 8bcc67d..4e27aeb 100644
--- a/rt/transports/websocket/src/main/java/org/apache/cxf/transport/websocket/WebSocketUtils.java
+++ b/rt/transports/websocket/src/main/java/org/apache/cxf/transport/websocket/WebSocketUtils.java
@@ -169,7 +169,7 @@ public final class WebSocketUtils {
*/
public static byte[] buildResponse(byte[] headers, byte[] data, int offset, int length) {
final int hlen = headers != null ? headers.length : 0;
- byte[] longdata = new byte[length + 2 + hlen];
+ byte[] longdata = new byte[Math.addExact(length, hlen) + 2];
if (hlen > 0) {
System.arraycopy(headers, 0, longdata, 0, hlen);
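Review bot: The `+ 2` sits outside the checked addition, so `Math.addExact(length, hlen) + 2` can still wrap when the checked sum is within 2 of Integer.MAX_VALUE. The wrapped value is negative, so the allocation fails with NegativeArraySizeException rather than ArithmeticException. `new byte[Math.addExact(Math.addExact(length, hlen), 2)]` covers the whole expression. The body of `buildResponse` continues past the hunk, so whether `offset` and `length` are checked against `data.length` before the later copy is not visible here.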