[
https://issues.apache.org/jira/browse/CASSANDRA-2851?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Allsopp updated CASSANDRA-2851:
-------------------------------------
Description:
FBUtilities.hexToBytes() has a minor bug - it copes with single-character
inputs by prepending "0", which is OK - but it does this for any input with an
odd number of characters, which is probably incorrect.
{noformat}
if (str.length() % 2 == 1)
str = "0" + str;
{noformat}
Given 'fff' as an input, can we really assume that this should be '0fff'? Isn't
this just an error?
Add the following to FBUtilitiesTest to demonstrate:
{noformat}
String[] badvalues = new String[]{"000", "fff"};
for (int i = 0; i < badvalues.length; i++)
try
{
FBUtilities.hexToBytes(badvalues[i]);
fail("Invalid hex value accepted"+badvalues[i]);
} catch (Exception e){}
{noformat}
was:
FBUtilities.hexToBytes() has a minor bug - it copes with single-character
inputs by prepending "0", which is OK - but it does this for any input with an
odd number of characters, which is probably incorrect.
{noformat}
if (str.length() % 2 == 1)
str = "0" + str;
{noformat}
Given 'fff' as an input, can we really assume that this should be '0fff'? Isn't
this just an error?
Add the following to FBUtilitiesTest to demonstrate:
{noformat}
String[] badvalues = new String[]{"", "000", "fff"};
for (int i = 0; i < badvalues.length; i++)
try
{
FBUtilities.hexToBytes(badvalues[i]);
fail("Invalid hex value accepted"+badvalues[i]);
} catch (Exception e){}
{noformat}
> hex-to-bytes conversion accepts invalid inputs silently
> -------------------------------------------------------
>
> Key: CASSANDRA-2851
> URL: https://issues.apache.org/jira/browse/CASSANDRA-2851
> Project: Cassandra
> Issue Type: Bug
> Components: Core
> Affects Versions: 0.7.6, 0.8.1
> Reporter: David Allsopp
> Priority: Minor
> Fix For: 0.8.2
>
>
> FBUtilities.hexToBytes() has a minor bug - it copes with single-character
> inputs by prepending "0", which is OK - but it does this for any input with
> an odd number of characters, which is probably incorrect.
> {noformat}
> if (str.length() % 2 == 1)
> str = "0" + str;
> {noformat}
> Given 'fff' as an input, can we really assume that this should be '0fff'?
> Isn't this just an error?
> Add the following to FBUtilitiesTest to demonstrate:
> {noformat}
> String[] badvalues = new String[]{"000", "fff"};
>
> for (int i = 0; i < badvalues.length; i++)
> try
> {
> FBUtilities.hexToBytes(badvalues[i]);
> fail("Invalid hex value accepted"+badvalues[i]);
> } catch (Exception e){}
> {noformat}
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
