libgcj/3523: java.io.LineNumberReader has a buggy reset() method.

public inbox for gcc-prs@sourceware.org
help / color / mirror / Atom feed

From: jwnimmer@alum.mit.edu
To: gcc-gnats@gcc.gnu.org
Subject: libgcj/3523: java.io.LineNumberReader has a buggy reset() method.
Date: Sun, 01 Jul 2001 19:56:00 -0000	[thread overview]
Message-ID: <20010702025138.11271.qmail@sourceware.cygnus.com> (raw)

>Number:         3523
>Category:       libgcj
>Synopsis:       java.io.LineNumberReader has a buggy reset() method.
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    unassigned
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Jul 01 19:56:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Jeremy Nimmer
>Release:        gcc version 3.1 20010630 (experimental)
>Organization:
>Environment:
i686-pc-linux-gnu, configured with: configure --enable-threads=posix --enable-shared --enable-languages=c++,java
>Description:
The implementation of the reset() method in java.io.LineNumberReader passes invalid arguments to the countLines method, causing it to index the array out of bounds under certain circumstances.
>How-To-Repeat:
Compile this program to bytecode (with javac, jikes, or gcj) and then run with gij.

import java.io.*;
public class CrashLNR {
  public static void main(String[] args)
    throws Exception
  {
    String s = "123456789\n123456789\n1234\n1234\n";
    LineNumberReader r = new LineNumberReader(new StringReader(s), 35);
    r.readLine();
    r.readLine();
    r.mark(10);
    r.readLine();
    r.reset(); // exception
  }
}
>Fix:
Here is my suggested patch, but I have not tested it thoroughly.

% diff -u LineNumberReader.java LineNumberReader.java.fixed
--- LineNumberReader.java       Tue Mar  7 14:55:26 2000
+++ LineNumberReader.java.fixed Sun Jul  1 22:27:14 2001
@@ -94,7 +94,7 @@
        if (markPos > 0 && pos > markPos && buffer[markPos-1] == '\r'
            && buffer[markPos] == '\n')
          lineNumber--;
-       lineNumber -= countLines(buffer, pos, markPos);
+       lineNumber -= countLines(buffer, markPos, pos-markPos);
        pos = markPos;
       }
   }
>Release-Note:
>Audit-Trail:
>Unformatted:

next             reply	other threads:[~2001-07-01 19:56 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2001-07-01 19:56 jwnimmer [this message]
2001-07-01 22:16 Tom Tromey
2001-07-01 22:18 tromey

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20010702025138.11271.qmail@sourceware.cygnus.com \
    --to=jwnimmer@alum.mit.edu \
    --cc=gcc-gnats@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).