[ https://issues.apache.org/jira/browse/CLI-313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17475016#comment-17475016 ]
HUNG LU commented on CLI-313: ----------------------------- I'll take up this negative case to handle bad argument value with ParseException in handleShortAndLongOption method. How do I assign this ticket to myself to start or any suggestions to the process of resolving the ticket would be much appreciated for a newly registered user like myself? Much appreciated! > StringIndexOutOfBoundsException thrown by CommandLineParser.parse() on > invalid input > ------------------------------------------------------------------------------------ > > Key: CLI-313 > URL: https://issues.apache.org/jira/browse/CLI-313 > Project: Commons CLI > Issue Type: Bug > Components: Parser > Affects Versions: 1.5 > Reporter: Dominik Stadler > Priority: Critical > Labels: exception, fuzzer > > I discovered a case which can trigger a StringIndexOutOfBoundsException in > {{{}CommandLineParser.parse(){}}}. > The following code-snippet reproduces it: > {noformat} > CommandLineParser parser = new DefaultParser(); > Options options = new Options(); > parser.parse(options, new String[] {"-=-"}); {noformat} > > When run against current commons-cli 1.5.0 as well as on latest git, it > causes the following stacktrace: > {noformat} > Exception in thread "main" java.lang.StringIndexOutOfBoundsException: begin > 0, end 1, length 0 > at java.base/java.lang.String.checkBoundsBeginEnd(String.java:3319) > at java.base/java.lang.String.substring(String.java:1874) > at > org.apache.commons.cli.DefaultParser.isJavaProperty(DefaultParser.java:583) > at > org.apache.commons.cli.DefaultParser.handleShortAndLongOption(DefaultParser.java:511) > at > org.apache.commons.cli.DefaultParser.handleToken(DefaultParser.java:542) > at org.apache.commons.cli.DefaultParser.parse(DefaultParser.java:712) > at org.apache.commons.cli.DefaultParser.parse(DefaultParser.java:679) > at org.apache.commons.cli.DefaultParser.parse(DefaultParser.java:660) > at > org.dstadler.cli.fuzz.Crash_4543e54e8e6239dec6cc2eea74b83d5de693ec71.main(Crash_4543e54e8e6239dec6cc2eea74b83d5de693ec71.java:13) > {noformat} > > According to the JavaDoc, all failures to parse the arguments should lead to > a {{{}ParseException{}}}, but it seems this case is not handled currently. -- This message was sent by Atlassian Jira (v8.20.1#820001)