jmestwa-coder opened a new pull request, #1443:
URL: https://github.com/apache/wicket/pull/1443
### Summary
Add a guard in ByteArrayOutputStream.write(...) to prevent integer overflow
when calculating the new size.
### Problem
The size is tracked using an int . When total data exceeds
Integer.MAX\_VALUE, count + len overflows and becomes negative.Since Wicket
uses multiple buffers, this can happen without hitting JVM array limits.
### Impact
* size() may return a negative value
* toByteArray() can throw NegativeArraySizeException
* Leads to inconsistent behavior and possible data loss
### Fix
Add a simple overflow check and fail fast with IndexOutOfBoundsException.
### Notes
* No change for valid inputs
* No API changes
* Minimal, safe fix
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
