Duncan Jones created LANG-1286:
----------------------------------
Summary: RandomStringUtils random method can overflow and return
characters outside of specified range
Key: LANG-1286
URL: https://issues.apache.org/jira/browse/LANG-1286
Project: Commons Lang
Issue Type: Bug
Components: lang.*
Affects Versions: 3.5
Reporter: Duncan Jones
{{RandomStringUtils.random()}} can overflow and return characters that are
outside the range specified by the {{start}} and {{end}} parameters. This is
because it casts a random integer in the range {{[start,end)}} to a character,
without checking if this will overflow.
Example failing test case:
{code}
@Test
public void testCharOverflow() throws Exception {
    int start = 65535;
    int end = Integer.MAX_VALUE;

    @SuppressWarnings("serial")
    Random fixedRandom = new Random() {
        @Override
        public int nextInt(int n) {
            // Prevents selection of 'start' as the character
            return 1;
        }
    };

    String result = RandomStringUtils.random(1, start, end, false, false, null,
            fixedRandom);
    char c = result.charAt(0);
    assertTrue(c >= start && c < end);
}
{code}
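The narrowing cast described above, shown in isolation next to a range-checked variant. This is an added example, not part of the original report and not Commons Lang code; the class {{CharRangeDemo}} and the methods {{uncheckedPick}} and {{checkedPick}} are hypothetical names, and the unchecked method assumes the cast pattern the report describes.

```java
import java.util.Random;

// Added illustration; not Commons Lang code. All names here are hypothetical.
public class CharRangeDemo {

    // Assumed pattern from the report: pick an int in [start, end) and
    // narrow it to char with no range check.
    static char uncheckedPick(Random rnd, int start, int end) {
        return (char) (rnd.nextInt(end - start) + start);
    }

    // Checked variant: reject ranges that do not fit in a single UTF-16
    // char, so the narrowing cast can never wrap around.
    static char checkedPick(Random rnd, int start, int end) {
        if (start < 0 || end <= start) {
            throw new IllegalArgumentException("need 0 <= start < end");
        }
        if (end > Character.MAX_VALUE + 1) {
            throw new IllegalArgumentException(
                "end " + end + " exceeds the char range");
        }
        return (char) (rnd.nextInt(end - start) + start);
    }

    public static void main(String[] args) {
        // Constructed stub, same idea as in the report: always returns 1.
        @SuppressWarnings("serial")
        Random fixed = new Random() {
            @Override
            public int nextInt(int n) {
                return 1;
            }
        };
        int start = 65535;
        int end = Integer.MAX_VALUE;

        // 65535 + 1 = 0x10000; the cast keeps only the low 16 bits.
        char c = uncheckedPick(fixed, start, end);
        System.out.println("unchecked: U+" + String.format("%04X", (int) c)
            + " inRange=" + (c >= start && c < end));

        try {
            checkedPick(fixed, start, end);
        } catch (IllegalArgumentException e) {
            System.out.println("checked: rejected (" + e.getMessage() + ")");
        }
    }
}
```

With the stubbed generator the unchecked method yields U+0000, which is outside {{[start,end)}}, while the checked method rejects the range before casting.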