[commons-compress] 02/03: properly fulfill InputStream's contract

Fri, 14 May 2021 08:51:05 -0700 

This is an automated email from the ASF dual-hosted git repository.

bodewig pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-compress.git

commit 8046bd27c09651cfc6b5f153171a87ce48b009c7
Author: Stefan Bodewig <stefan.bode...@innoq.com>
AuthorDate: Fri May 14 17:43:23 2021 +0200

    properly fulfill InputStream's contract
---
 .../org/apache/commons/compress/utils/BoundedArchiveInputStream.java   | 3 +++
 1 file changed, 3 insertions(+)

diff --git 
a/src/main/java/org/apache/commons/compress/utils/BoundedArchiveInputStream.java
 
b/src/main/java/org/apache/commons/compress/utils/BoundedArchiveInputStream.java
index db8d948..4f7ec27 100644
--- 
a/src/main/java/org/apache/commons/compress/utils/BoundedArchiveInputStream.java
+++ 
b/src/main/java/org/apache/commons/compress/utils/BoundedArchiveInputStream.java
@@ -70,6 +70,9 @@ public abstract class BoundedArchiveInputStream extends 
InputStream {
         if (len <= 0) {
             return 0;
         }
+        if (off < 0 || len > b.length - off) {
+            throw new IllegalArgumentException("offset or len are out of 
bounds");
+        }
 
         if (len > end - loc) {
             if (loc >= end) {

Reply via email to