public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
@ 2007-01-26 17:11 kaloian at doganov dot org
2007-01-26 17:15 ` [Bug libgcj/30600] " kaloian at doganov dot org
` (7 more replies)
0 siblings, 8 replies; 9+ messages in thread
From: kaloian at doganov dot org @ 2007-01-26 17:11 UTC (permalink / raw)
To: gcc-bugs
Sometimes, gnu.gcj.convert.BytesToCharsetAdaptor's read method calls
inBuffer.limit(int) with a value that exceeds the buffer capacity. This can be
easily reproduced when BytesToCharsetAdaptor is used with an input byte aray
that does not have to be decoded from the start, but from a greater possition
(inpos > 0). In this case the line inBuf.limit(inpos + inlength); leads to:
java.lang.IllegalArgumentException
at java.nio.Buffer.limit(libgcj.so.7)
at gnu.gcj.convert.BytesToCharsetAdaptor.read(libgcj.so.7)
at java.lang.String.init(libgcj.so.7)
at java.lang.String.<init>(libgcj.so.7)
at BytesToCharsetAdaptorBug.main(BytesToCharsetAdaptorBug.java:6)
Please see the attached example.
--
Summary: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad
argument for java.nio.Buffer.limit(int)
Product: gcc
Version: 4.1.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: libgcj
AssignedTo: unassigned at gcc dot gnu dot org
ReportedBy: kaloian at doganov dot org
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug libgcj/30600] gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
@ 2007-01-26 17:15 ` kaloian at doganov dot org
2007-01-26 17:18 ` kaloian at doganov dot org
` (6 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: kaloian at doganov dot org @ 2007-01-26 17:15 UTC (permalink / raw)
To: gcc-bugs
------- Comment #1 from kaloian at doganov dot org 2007-01-26 17:15 -------
Created an attachment (id=12964)
--> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=12964&action=view)
Short test case that demonstrates the problem.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug libgcj/30600] gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
2007-01-26 17:15 ` [Bug libgcj/30600] " kaloian at doganov dot org
@ 2007-01-26 17:18 ` kaloian at doganov dot org
2007-01-27 23:14 ` kaloian at doganov dot org
` (5 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: kaloian at doganov dot org @ 2007-01-26 17:18 UTC (permalink / raw)
To: gcc-bugs
------- Comment #2 from kaloian at doganov dot org 2007-01-26 17:18 -------
(From update of attachment 12964)
The example works fine if you try to create the demo String using the whole
byte array. But if you wish to skip the fist byte this leads to
IllegalArgumentException because of the bad calculations in
BytesToCharsetAdaptor.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug libgcj/30600] gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
2007-01-26 17:15 ` [Bug libgcj/30600] " kaloian at doganov dot org
2007-01-26 17:18 ` kaloian at doganov dot org
@ 2007-01-27 23:14 ` kaloian at doganov dot org
2007-01-30 0:05 ` tromey at gcc dot gnu dot org
` (4 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: kaloian at doganov dot org @ 2007-01-27 23:14 UTC (permalink / raw)
To: gcc-bugs
------- Comment #3 from kaloian at doganov dot org 2007-01-27 23:14 -------
Created an attachment (id=12971)
--> (http://gcc.gnu.org/bugzilla/attachment.cgi?id=12971&action=view)
Trivial fix -- `inlenght' is the last valid index of the buffer, so it should
be used directly, without adding it to `inpos'.
It is stated in BytesToUnicode.read(char[],int,int) java docs:
"Note the asymmetry in that the input upper bound is inbuffer[inlength-1],
while the output upper bound is outbuffer[outpos+count-1]. The justification is
that inlength is like the count field of a BufferedInputStream, while the count
parameter is like the length parameter of a read request."
But obviously, in BytesToCharsetAdaptor's code `inlength' is not used according
to the note above. Instead, it is expected `inlength' to contain a count,
which , when added to the value of `inpos', leads to the calculation of a
buffer limit greater than buffer's capacity (if `inpos' turns out to be greater
than zero).
This can be easily avoided by simply using `inlenght' in the way it is expected
to be used -- as an absolute index of array, not as a relative element count.
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug libgcj/30600] gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
` (2 preceding siblings ...)
2007-01-27 23:14 ` kaloian at doganov dot org
@ 2007-01-30 0:05 ` tromey at gcc dot gnu dot org
2007-01-30 2:47 ` tromey at gcc dot gnu dot org
` (3 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: tromey at gcc dot gnu dot org @ 2007-01-30 0:05 UTC (permalink / raw)
To: gcc-bugs
--
tromey at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |tromey at gcc dot gnu dot
| |org
Status|UNCONFIRMED |NEW
Ever Confirmed|0 |1
Last reconfirmed|0000-00-00 00:00:00 |2007-01-30 00:05:07
date| |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug libgcj/30600] gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
` (3 preceding siblings ...)
2007-01-30 0:05 ` tromey at gcc dot gnu dot org
@ 2007-01-30 2:47 ` tromey at gcc dot gnu dot org
2007-01-30 2:48 ` tromey at gcc dot gnu dot org
` (2 subsequent siblings)
7 siblings, 0 replies; 9+ messages in thread
From: tromey at gcc dot gnu dot org @ 2007-01-30 2:47 UTC (permalink / raw)
To: gcc-bugs
------- Comment #4 from tromey at gcc dot gnu dot org 2007-01-30 02:47 -------
Subject: Bug 30600
Author: tromey
Date: Tue Jan 30 02:46:54 2007
New Revision: 121329
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=121329
Log:
2007-01-29 Kaloian Doganov <kaloian@doganov.org>
PR libgcj/30600:
* gnu/gcj/convert/BytesToCharsetAdaptor.java (read): Fix call to
'limit'.
Modified:
trunk/libjava/ChangeLog
trunk/libjava/classpath/lib/gnu/gcj/convert/BytesToCharsetAdaptor.class
trunk/libjava/gnu/gcj/convert/BytesToCharsetAdaptor.java
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug libgcj/30600] gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
` (4 preceding siblings ...)
2007-01-30 2:47 ` tromey at gcc dot gnu dot org
@ 2007-01-30 2:48 ` tromey at gcc dot gnu dot org
2007-01-30 3:07 ` tromey at gcc dot gnu dot org
2007-01-30 3:08 ` tromey at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: tromey at gcc dot gnu dot org @ 2007-01-30 2:48 UTC (permalink / raw)
To: gcc-bugs
------- Comment #5 from tromey at gcc dot gnu dot org 2007-01-30 02:48 -------
Subject: Bug 30600
Author: tromey
Date: Tue Jan 30 02:48:26 2007
New Revision: 121330
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=121330
Log:
2007-01-29 Kaloian Doganov <kaloian@doganov.org>
PR libgcj/30600:
* gnu/gcj/convert/BytesToCharsetAdaptor.java (read): Fix call to
'limit'.
Modified:
branches/redhat/gcc-4_1-branch-java-merge-20070117/libjava/ChangeLog
branches/redhat/gcc-4_1-branch-java-merge-20070117/libjava/gnu/gcj/convert/BytesToCharsetAdaptor.java
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug libgcj/30600] gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
` (5 preceding siblings ...)
2007-01-30 2:48 ` tromey at gcc dot gnu dot org
@ 2007-01-30 3:07 ` tromey at gcc dot gnu dot org
2007-01-30 3:08 ` tromey at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: tromey at gcc dot gnu dot org @ 2007-01-30 3:07 UTC (permalink / raw)
To: gcc-bugs
------- Comment #6 from tromey at gcc dot gnu dot org 2007-01-30 03:06 -------
I put this into 4.2 and trunk.
Thanks!
--
tromey at gcc dot gnu dot org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
Target Milestone|--- |4.2.0
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
* [Bug libgcj/30600] gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int)
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
` (6 preceding siblings ...)
2007-01-30 3:07 ` tromey at gcc dot gnu dot org
@ 2007-01-30 3:08 ` tromey at gcc dot gnu dot org
7 siblings, 0 replies; 9+ messages in thread
From: tromey at gcc dot gnu dot org @ 2007-01-30 3:08 UTC (permalink / raw)
To: gcc-bugs
------- Comment #7 from tromey at gcc dot gnu dot org 2007-01-30 03:08 -------
Subject: Bug 30600
Author: tromey
Date: Tue Jan 30 03:08:19 2007
New Revision: 121331
URL: http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=121331
Log:
2007-01-29 Kaloian Doganov <kaloian@doganov.org>
PR libgcj/30600:
* gnu/gcj/convert/BytesToCharsetAdaptor.java (read): Fix call to
'limit'.
Modified:
branches/gcc-4_2-branch/libjava/ChangeLog
branches/gcc-4_2-branch/libjava/gnu/gcj/convert/BytesToCharsetAdaptor.java
--
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30600
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2007-01-30 3:08 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2007-01-26 17:11 [Bug libgcj/30600] New: gnu.gcj.convert.BytesToCharsetAdaptor calculates bad argument for java.nio.Buffer.limit(int) kaloian at doganov dot org
2007-01-26 17:15 ` [Bug libgcj/30600] " kaloian at doganov dot org
2007-01-26 17:18 ` kaloian at doganov dot org
2007-01-27 23:14 ` kaloian at doganov dot org
2007-01-30 0:05 ` tromey at gcc dot gnu dot org
2007-01-30 2:47 ` tromey at gcc dot gnu dot org
2007-01-30 2:48 ` tromey at gcc dot gnu dot org
2007-01-30 3:07 ` tromey at gcc dot gnu dot org
2007-01-30 3:08 ` tromey at gcc dot gnu dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).