Integer overflow in OpenMapRealMatrix
-------------------------------------
Key: MATH-679
URL: https://issues.apache.org/jira/browse/MATH-679
Project: Commons Math
Issue Type: Bug
Affects Versions: 2.2
Reporter: Christopher Berner
Priority: Minor
Attachments: Flaw.java
computeKey() has an integer overflow. Since it is a sparse matrix, this is
quite easily encountered long before heap space is exhausted. The code below
demonstrates the problem, which could potentially be a security vulnerability
(for example, if one was to use this matrix to store access control
information).
Workaround: never create an OpenMapRealMatrix with more cells than are
addressable with an int.
import org.apache.commons.math.linear.OpenMapRealMatrix;
public class Flaw {
public static void main(String[] args) {
OpenMapRealMatrix m = new OpenMapRealMatrix(3,
Integer.MAX_VALUE);
m.setEntry(0, 0, 2);
m.setEntry(2, 2, 3);
//Should print "2.0", but instead it prints "3.0"
System.out.println(m.getEntry(0, 0));
}
}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
