This is an automated email from the ASF dual-hosted git repository. bodewig pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/commons-compress.git
commit 190939b04c566e3285b15c109ff69887ecba919d Author: Stefan Bodewig <stefan.bode...@innoq.com> AuthorDate: Fri May 14 17:03:05 2021 +0200 handle integer overflow --- src/main/java/org/apache/commons/compress/utils/IOUtils.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/apache/commons/compress/utils/IOUtils.java b/src/main/java/org/apache/commons/compress/utils/IOUtils.java index 0b7df96..3587ced 100644 --- a/src/main/java/org/apache/commons/compress/utils/IOUtils.java +++ b/src/main/java/org/apache/commons/compress/utils/IOUtils.java @@ -189,7 +189,7 @@ public final class IOUtils { */ public static int readFully(final InputStream input, final byte[] array, final int offset, final int len) throws IOException { - if (len < 0 || offset < 0 || len + offset > array.length) { + if (len < 0 || offset < 0 || len + offset > array.length || len + offset < 0) { throw new IndexOutOfBoundsException(); } int count = 0, x = 0;