IcoreE opened a new pull request, #1521:
URL: https://github.com/apache/commons-lang/pull/1521

   ```
   // source code
   public static String random(int count, int start, int end, final boolean letters, final boolean numbers,
           final char[] chars, final Random random) {
   ```
   When a custom character array (chars != null) is supplied to RandomStringUtils.random(), the method does not strictly check that the start and end parameters fall within the valid bounds of the chars array.
   
   As a result, if start or end exceeds chars.length, the method may generate a random index outside the array range, leading to an unexpected ArrayIndexOutOfBoundsException.
   
   This fails the method contract and causes unpredictable runtime errors.
   
   
   ```
   @Test
   void testStartEndOutOfRangeWithChars() {
       char[] chars = {'a', 'b', 'c'};
       assertThrows(ArrayIndexOutOfBoundsException.class, () -> {
           RandomStringUtils.random(
                   5,
                   5,   // invalid: start > chars.length
                   10,  // invalid: end > chars.length
                   false,
                   false,
                   chars,
                   new Random()
           );
       });
   }
   ```
   
   Actual:
   Throws ArrayIndexOutOfBoundsException
   
   Expected:
   Throw IllegalArgumentException indicating invalid start/end range when chars != null


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
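
An added illustration of the range check the report asks for, not code from the pull request or from Commons Lang: a simplified stand-in for the chars != null path that validates start and end against chars.length before any index is drawn. The names CharsRangeCheck, checkRange and randomFrom are hypothetical, and treating the range as half-open [start, end) is an assumption.

```java
import java.util.Random;

public class CharsRangeCheck {

    // Hypothetical helper, not a Commons Lang method: rejects a [start, end) range
    // that does not fit inside the caller-supplied alphabet.
    static void checkRange(int start, int end, char[] chars) {
        if (chars.length == 0) {
            throw new IllegalArgumentException("chars must not be empty");
        }
        if (start < 0 || start >= end || end > chars.length) {
            throw new IllegalArgumentException(String.format(
                    "start=%d, end=%d is not a valid range for chars of length %d",
                    start, end, chars.length));
        }
    }

    // Simplified stand-in for the chars != null path only: draws count characters
    // from chars[start..end). It does not model the letters/numbers filters.
    static String randomFrom(int count, int start, int end, char[] chars, Random random) {
        if (count < 0) {
            throw new IllegalArgumentException("count must not be negative: " + count);
        }
        checkRange(start, end, chars);
        StringBuilder sb = new StringBuilder(count);
        for (int i = 0; i < count; i++) {
            // After checkRange, start + [0, end - start) always lies inside chars.
            sb.append(chars[start + random.nextInt(end - start)]);
        }
        return sb.toString();
    }

    public static void main(String[] args) {
        char[] chars = {'a', 'b', 'c'};   // constructed sample alphabet
        Random random = new Random(42);   // fixed seed for a repeatable run
        System.out.println(randomFrom(5, 0, 3, chars, random));
        // Constructed bad ranges, including the 5..10 case from the report.
        int[][] badRanges = {{5, 10}, {0, 4}, {2, 2}, {-1, 2}};
        for (int[] r : badRanges) {
            try {
                randomFrom(5, r[0], r[1], chars, random);
                System.out.println("accepted " + r[0] + ".." + r[1]);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

Failing up front with IllegalArgumentException keeps the error tied to the caller's arguments instead of surfacing as an index failure from inside the generation loop.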