[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16510771#comment-16510771 ]
ASF subversion and git services commented on LUCENE-8165: --------------------------------------------------------- Commit 9ea1fa5356ec3e5f619625a82856c7c235c08714 in lucene-solr's branch refs/heads/branch_7x from [~simonw] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=9ea1fa5 ] LUCENE-8164: IndexWriter silently accepts broken payload. This has been fixed via LUCENE-8165 since we are now checking for offset+length going out of bounds. Co-authored-by: Nhat Nguyen <nhat.ngu...@elastic.co> Co-authored-by: Robert Muir <rm...@apache.org> > ban Arrays.copyOfRange with forbidden APIs > ------------------------------------------ > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug > Reporter: Robert Muir > Priority: Major > Fix For: master (8.0), 7.5 > > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org