Dominik Stadler created CLI-313:
-----------------------------------
Summary: StringIndexOutOfBoundsException thrown by
CommandLineParser.parse() on invalid input
Key: CLI-313
URL: https://issues.apache.org/jira/browse/CLI-313
Project: Commons CLI
Issue Type: Bug
Components: Parser
Affects Versions: 1.5
Reporter: Dominik Stadler
I discovered a case which can trigger a StringIndexOutOfBoundsException in
{{{}CommandLineParser.parse(){}}}.
The following code-snippet reproduces it:
{noformat}
CommandLineParser parser = new DefaultParser();
Options options = new Options();
parser.parse(options, new String[] {"-=-"}); {noformat}
When run against current commons-cli 1.5.0 as well as on latest git, it causes
the following stacktrace:
{noformat}
Exception in thread "main" java.lang.StringIndexOutOfBoundsException: begin 0,
end 1, length 0
at java.base/java.lang.String.checkBoundsBeginEnd(String.java:3319)
at java.base/java.lang.String.substring(String.java:1874)
at
org.apache.commons.cli.DefaultParser.isJavaProperty(DefaultParser.java:583)
at
org.apache.commons.cli.DefaultParser.handleShortAndLongOption(DefaultParser.java:511)
at org.apache.commons.cli.DefaultParser.handleToken(DefaultParser.java:542)
at org.apache.commons.cli.DefaultParser.parse(DefaultParser.java:712)
at org.apache.commons.cli.DefaultParser.parse(DefaultParser.java:679)
at org.apache.commons.cli.DefaultParser.parse(DefaultParser.java:660)
at
org.dstadler.cli.fuzz.Crash_4543e54e8e6239dec6cc2eea74b83d5de693ec71.main(Crash_4543e54e8e6239dec6cc2eea74b83d5de693ec71.java:13)
{noformat}
According to the JavaDoc, all failures to parse the arguments should lead to a
{{{}ParseException{}}}, but it seems this case is not handled currently.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
