alhudz opened a new pull request, #1699:
URL: https://github.com/apache/commons-lang/pull/1699
Repro: `StringUtils.mid("foobar", 3, Integer.MAX_VALUE)` and `new
StrBuilder("hello goodbye hello").midString(14, Integer.MAX_VALUE)`.
Expected: the tail of the string (`"bar"`, `"hello"`), per the Javadoc that
says the rest is returned when the length exceeds what is available.
Actual: `StringIndexOutOfBoundsException`.
Cause: both pick the "return the rest" branch with `pos + len` / `index +
length`, which overflows to a negative `int` for a length near
`Integer.MAX_VALUE`, so the guard is false and the code falls through to
`substring`/`new String` with an out-of-range length. `WordUtils.wrap` already
widens to `long` to avoid the same overflow.
Fix: compare with subtraction (`str.length() - pos <= len`, `size - index <=
length`) so the check stays in range; the `substring(pos, pos + len)` branch
now runs only when `len` is smaller than the remaining characters, so it cannot
overflow.
- [x] Read the [contribution guidelines](CONTRIBUTING.md) for this project.
- [x] Write unit tests that match behavioral changes, where the tests fail
if the changes to the runtime are not applied. Added overflow regressions to
`StringUtilsSubstringTest` and `StrBuilderTest` (both fail before the change,
pass after).
- [x] Write a pull request description that is detailed enough to understand
what the pull request does, how, and why.
- [x] Each commit in the pull request should have a meaningful subject line
and body.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
