(commons-math) 01/03: Bug fix: verify array range before using it to validate the weights

Thu, 03 Apr 2025 06:11:42 -0700 

This is an automated email from the ASF dual-hosted git repository.

aherbert pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-math.git

commit a84f6eb792a8c434fafa8a1dfb0dbf7b835a7d2b
Author: Alex Herbert <aherb...@apache.org>
AuthorDate: Thu Apr 3 14:06:16 2025 +0100

    Bug fix: verify array range before using it to validate the weights
    
    If an invalid range is used then the method throws an
    IndexOutOfBoundsException instead of a MathIllegalArgumentException.
---
 .../apache/commons/math4/legacy/core/MathArrays.java   |  7 ++++++-
 .../commons/math4/legacy/core/MathArraysTest.java      | 18 ++++++++++++++++++
 2 files changed, 24 insertions(+), 1 deletion(-)

diff --git 
a/commons-math-legacy-core/src/main/java/org/apache/commons/math4/legacy/core/MathArrays.java
 
b/commons-math-legacy-core/src/main/java/org/apache/commons/math4/legacy/core/MathArrays.java
index cd83c7f5d..bb1241c41 100644
--- 
a/commons-math-legacy-core/src/main/java/org/apache/commons/math4/legacy/core/MathArrays.java
+++ 
b/commons-math-legacy-core/src/main/java/org/apache/commons/math4/legacy/core/MathArrays.java
@@ -1049,6 +1049,11 @@ public final class MathArrays {
 
         checkEqualLength(weights, values);
 
+        // verify range before using the range
+        if (!verifyValues(values, begin, length, allowEmpty)) {
+            return false;
+        }
+
         if (length != 0) {
             boolean containsPositiveWeight = false;
             for (int i = begin; i < begin + length; i++) {
@@ -1074,7 +1079,7 @@ public final class MathArrays {
             }
         }
 
-        return verifyValues(values, begin, length, allowEmpty);
+        return true;
     }
 
     /**
diff --git 
a/commons-math-legacy-core/src/test/java/org/apache/commons/math4/legacy/core/MathArraysTest.java
 
b/commons-math-legacy-core/src/test/java/org/apache/commons/math4/legacy/core/MathArraysTest.java
index 99f09ff02..d57dc068c 100644
--- 
a/commons-math-legacy-core/src/test/java/org/apache/commons/math4/legacy/core/MathArraysTest.java
+++ 
b/commons-math-legacy-core/src/test/java/org/apache/commons/math4/legacy/core/MathArraysTest.java
@@ -692,6 +692,24 @@ public class MathArraysTest {
         } catch (MathIllegalArgumentException ex) {
             // expected
         }
+        try {
+            MathArrays.verifyValues(testArray, testWeightsArray, 0, 7);  // 
end past start
+            Assert.fail("Expecting MathIllegalArgumentException");
+        } catch (MathIllegalArgumentException ex) {
+            // expected
+        }
+        try {
+            MathArrays.verifyValues(testArray, testWeightsArray, -1, 1);  // 
start negative
+            Assert.fail("Expecting MathIllegalArgumentException");
+        } catch (MathIllegalArgumentException ex) {
+            // expected
+        }
+        try {
+            MathArrays.verifyValues(testArray, testWeightsArray, 0, -1);  // 
length negative
+            Assert.fail("Expecting MathIllegalArgumentException");
+        } catch (MathIllegalArgumentException ex) {
+            // expected
+        }
     }
 
     @Test

Reply via email to