-
Type:
Bug
-
Status: Closed
-
Priority:
P3
-
Resolution: Fixed
-
Affects Version/s: 8, 11, 13
-
Fix Version/s: 15
-
Component/s: security-libs
-
Subcomponent:
-
Resolved In Build:b19
-
Verification:Verified
ADDITIONAL SYSTEM INFORMATION :
OS: Windows 7 64bit
JDK: Oracle JDK 13.0.2 / 11.0.6 / 1.8.0_241
A DESCRIPTION OF THE PROBLEM :
In the last several lines of the source code of TextCallbackHandler, the following fragment code will produce a ArrayIndexOutOfBoundsException bug.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
In the last several lines of the source code of TextCallbackHandler, the following fragment code will produce a ArrayIndexOutOfBoundsException bug:
if (result < 0 || result > (options.length - 1)) {
result = defaultOption;
}
result = options[result].value;
Reproduce bug condition:
1. ConfirmationCallback has two options, like it's optionType is ConfirmationCallback.OK_CANCEL_OPTION;
2. ConfirmationCallback.OK (that is 3 as value) is the defaultOption;
3. When end user enter a number greater or equals to the options length (that is >=2) in the command line, then:
a) defaultOption gets value of 3 (comes from default value ConfirmationCallback.OK)
b) options array ONLY have two options, the greatest index is 1;
c) ArrayIndexOutOfBoundsException produced
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No ArrayIndexOutOfBoundsException throws
ACTUAL -
ArrayIndexOutOfBoundsException exception throws when end user enter a numer greater or equal than the options array length.
CUSTOMER SUBMITTED WORKAROUND :
the above fragment code should be as following (adding a else clause for if statement):
if (result < 0 || result > (options.length - 1)) {
result = defaultOption;
} else {
result = options[result].value;
}
FREQUENCY : always
OS: Windows 7 64bit
JDK: Oracle JDK 13.0.2 / 11.0.6 / 1.8.0_241
A DESCRIPTION OF THE PROBLEM :
In the last several lines of the source code of TextCallbackHandler, the following fragment code will produce a ArrayIndexOutOfBoundsException bug.
STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
In the last several lines of the source code of TextCallbackHandler, the following fragment code will produce a ArrayIndexOutOfBoundsException bug:
if (result < 0 || result > (options.length - 1)) {
result = defaultOption;
}
result = options[result].value;
Reproduce bug condition:
1. ConfirmationCallback has two options, like it's optionType is ConfirmationCallback.OK_CANCEL_OPTION;
2. ConfirmationCallback.OK (that is 3 as value) is the defaultOption;
3. When end user enter a number greater or equals to the options length (that is >=2) in the command line, then:
a) defaultOption gets value of 3 (comes from default value ConfirmationCallback.OK)
b) options array ONLY have two options, the greatest index is 1;
c) ArrayIndexOutOfBoundsException produced
EXPECTED VERSUS ACTUAL BEHAVIOR :
EXPECTED -
No ArrayIndexOutOfBoundsException throws
ACTUAL -
ArrayIndexOutOfBoundsException exception throws when end user enter a numer greater or equal than the options array length.
CUSTOMER SUBMITTED WORKAROUND :
the above fragment code should be as following (adding a else clause for if statement):
if (result < 0 || result > (options.length - 1)) {
result = defaultOption;
} else {
result = options[result].value;
}
FREQUENCY : always