JDK-8163518 : Integer overflow in StringBufferInputStream.read() and CharArrayReader.read/skip()
- Type: Bug
- Component: core-libs
- Sub-Component: java.io
- Affected Version: 9
- Priority: P4
- Status: Closed
- Resolution: Fixed
- Submitted: 2016-08-09
- Updated: 2017-11-29
- Resolved: 2016-08-11
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 6 | JDK 7 | JDK 8 | JDK 9 |
|---|---|---|---|
| 6u141Fixed | 7u131Fixed | 8u152Fixed  |
9 b132Fixed |
Related Reports
|
Relates :
|
|
|
Relates :
|
Description
if (pos + len > count) {
len = count - pos;
}
Here len can be close to Integer.MAX_VALUE and pos > 0, which can result in negative (pos + len).
As a result, read() throws inappropriate StringIndexOutOfBoundsException.