On 08/15/2013 07:05 PM, Xueming Shen wrote:
On 08/15/2013 05:15 AM, Florian Weimer wrote:
On 08/14/2013 11:33 PM, Chris Hegarty wrote:
> * @throws ArrayIndexOutOfBoundsException
> * if the {@code off} is negative, or the {@code len} is
> * negative, or the {@code off+len} is greater than the
> * length of the array {@code b}
I agree that specifying this in CRC32 and Adler32 is the right thing to
do. Trivially I'd drop the 'the' before the arguments, or maybe take the
working from InputStream.read(byte[],int,int) :
"If off is negative, len is negative, or len is greater than b.length
- off"
The InputStream wording is much better because it correctly covers the
off + len < 0 case. :-)
The one I have (without that "the") is the outputstream version. I would
assume it is equivalent to the inputstream version, given we have
exclude the off < 0 and len < 0 cases :-)
It's not because off + len can overflow and turn into a negative value
even if both operands are positive. To me, using {@code ...} strongly
suggests Java semantics.
(I might be wrong about this—I have made incorrect suggestions related
to integer overflow detection in the past.)
--
Florian Weimer / Red Hat Product Security Team
