Isn't this worthy of a JIRA and note in changes.xml? Gary
---------- Forwarded message ---------- From: <bode...@apache.org> Date: Fri, Nov 4, 2016 at 8:50 AM Subject: commons-compress git commit: avoid overflow when resizing To: comm...@commons.apache.org Repository: commons-compress Updated Branches: refs/heads/master 46f57bf93 -> f538f38bd avoid overflow when resizing Project: http://git-wip-us.apache.org/repos/asf/commons-compress/repo Commit: http://git-wip-us.apache.org/repos/asf/commons-compress/ commit/f538f38b Tree: http://git-wip-us.apache.org/repos/asf/commons-compress/tree/f538f38b Diff: http://git-wip-us.apache.org/repos/asf/commons-compress/diff/f538f38b Branch: refs/heads/master Commit: f538f38bd4db41349fb8f753ec17850861de5e0e Parents: 46f57bf Author: Stefan Bodewig <bode...@apache.org> Authored: Fri Nov 4 16:50:23 2016 +0100 Committer: Stefan Bodewig <bode...@apache.org> Committed: Fri Nov 4 16:50:23 2016 +0100 ---------------------------------------------------------------------- .../utils/SeekableInMemoryByteChannel.java | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/commons-compress/ blob/f538f38b/src/main/java/org/apache/commons/compress/utils/ SeekableInMemoryByteChannel.java ---------------------------------------------------------------------- diff --git a/src/main/java/org/apache/commons/compress/utils/ SeekableInMemoryByteChannel.java b/src/main/java/org/apache/ commons/compress/utils/SeekableInMemoryByteChannel.java index 75619b0..eece7f5 100644 --- a/src/main/java/org/apache/commons/compress/utils/ SeekableInMemoryByteChannel.java +++ b/src/main/java/org/apache/commons/compress/utils/ SeekableInMemoryByteChannel.java @@ -37,6 +37,8 @@ import java.util.concurrent.atomic.AtomicBoolean; */ public class SeekableInMemoryByteChannel implements SeekableByteChannel { + private static final int NAIVE_RESIZE_LIMIT = Integer.MAX_VALUE >> 1; + private byte[] data; private final AtomicBoolean closed = new AtomicBoolean(); private int position, size; @@ -134,7 +136,13 @@ public class SeekableInMemoryByteChannel implements SeekableByteChannel { int wanted = b.remaining(); int possibleWithoutResize = size - position; if (wanted > possibleWithoutResize) { - resize(position + wanted); + int newSize = position + wanted; + if (newSize < 0) { // overflow + resize(Integer.MAX_VALUE); + wanted = Integer.MAX_VALUE - position; + } else { + resize(newSize); + } } b.get(data, position, wanted); position += wanted; @@ -162,8 +170,12 @@ public class SeekableInMemoryByteChannel implements SeekableByteChannel { if (len <= 0) { len = 1; } - while (len < newLength) { - len <<= 1; + if (newLength < NAIVE_RESIZE_LIMIT) { + while (len < newLength) { + len <<= 1; + } + } else { // avoid overflow + len = newLength; } data = Arrays.copyOf(data, len); } -- E-Mail: garydgreg...@gmail.com | ggreg...@apache.org Java Persistence with Hibernate, Second Edition <https://www.amazon.com/gp/product/1617290459/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1617290459&linkCode=as2&tag=garygregory-20&linkId=cadb800f39946ec62ea2b1af9fe6a2b8> <http:////ir-na.amazon-adsystem.com/e/ir?t=garygregory-20&l=am2&o=1&a=1617290459> JUnit in Action, Second Edition <https://www.amazon.com/gp/product/1935182021/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1935182021&linkCode=as2&tag=garygregory-20&linkId=31ecd1f6b6d1eaf8886ac902a24de418%22> <http:////ir-na.amazon-adsystem.com/e/ir?t=garygregory-20&l=am2&o=1&a=1935182021> Spring Batch in Action <https://www.amazon.com/gp/product/1935182951/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=1935182951&linkCode=%7B%7BlinkCode%7D%7D&tag=garygregory-20&linkId=%7B%7Blink_id%7D%7D%22%3ESpring+Batch+in+Action> <http:////ir-na.amazon-adsystem.com/e/ir?t=garygregory-20&l=am2&o=1&a=1935182951> Blog: http://garygregory.wordpress.com Home: http://garygregory.com/ Tweet! http://twitter.com/GaryGregory