Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8194879

Runtime.Version parses string which does not conform to spec without throwing IAE

    Details

    • Subcomponent:
    • Resolved In Build:
      b01
    • Verification:
      Verified

      Description

      As per the specification of Runtime.Version:

       A version string, $VSTR, is a version number $VNUM, as described above, optionally followed by pre-release and build information, in one of the following formats:

             1. $VNUM(-$PRE)?\+$BUILD(-$OPT)?
             2. $VNUM-$PRE(-$OPT)?
             3. $VNUM(+-$OPT)?
           
      So an example of "10--ea" does not confirm to any of the above regex's.

      10--ea does not have build component hence it cannot fit in regex 1
      10--ea does not have pre component hence it cannot fit in regex 2
      10--ea does not have + sign hence it cannot fit in regex 3

      So we expect IllegalArgumentException when such string is passed to Version#parse method. This is mentioned in the specification of parse method as below:

      IllegalArgumentException - If the given string cannot be interpreted as a valid version

      However when i try to parse the string below in jshell , string is parsed fine and no exception is thrown.

      jshell> Runtime.Version.parse("10--ea")
      $6 ==> 10+--ea

      Furthermore , as you can see above, the input is tampered and a "+" is added to it to fit it to regex 3

      One more example:
      jshell> Runtime.Version.parse("10.0.0.1---ea")
      $5 ==> 10.0.0.1+---ea

      jshell> Runtime.Version.parse("10.0.1--")
      $5 ==> 10.0.1+--

        Attachments

          Activity

            People

            • Assignee:
              bchristi Brent Christian
              Reporter:
              bnallakaluva Bharath Nallakaluva (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: