[ 
https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16510773#comment-16510773
 ] 

ASF subversion and git services commented on LUCENE-8165:
---------------------------------------------------------

Commit 7eb74ac50f5e6e05389e834a1a2bf2543dfd64c9 in lucene-solr's branch 
refs/heads/master from [~simonw]
[ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=7eb74ac ]

LUCENE-8164: IndexWriter silently accepts broken payload.

This has been fixed via LUCENE-8165 since we are now checking
for offset+length going out of bounds.

Co-authored-by: Nhat Nguyen <nhat.ngu...@elastic.co>
Co-authored-by: Robert Muir <rm...@apache.org>


> ban Arrays.copyOfRange with forbidden APIs
> ------------------------------------------
>
>                 Key: LUCENE-8165
>                 URL: https://issues.apache.org/jira/browse/LUCENE-8165
>             Project: Lucene - Core
>          Issue Type: Bug
>            Reporter: Robert Muir
>            Priority: Major
>             Fix For: master (8.0), 7.5
>
>         Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, 
> LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, 
> LUCENE-8165_start.patch
>
>
> This method is no good, because instead of throwing AIOOBE for bad bounds, it 
> will silently fill with zeros (essentially silent corruption). Unfortunately 
> it is used in quite a few places so replacing it with e.g. arrayCopy may 
> uncover some interesting surprises.
> See LUCENE-8164 for motivation.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org

Reply via email to