subbudvk opened a new pull request, #1035: URL: https://github.com/apache/opennlp/pull/1035
## Summary
- `HeadRules` (English) and `AncoraSpanishHeadRules` (Spanish) parsed the
tag count field from head rules files with `Integer.parseInt()` and used
the result directly as an array size with no bounds check. A crafted
model
file with a count of `Integer.MAX_VALUE` would trigger an immediate
`OutOfMemoryError` during parser model loading.
- Added a bounds check in `readHeadRules()` in both classes: values
outside
`[0, 1000]` throw `IOException` before any allocation.
Since this is constrained by the size of the POS tagset being used this
is already a safe margin and a configurable override may not have benefit.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
