[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16510773#comment-16510773 ] ASF subversion and git services commented on LUCENE-8165: - Commit 7eb74ac50f5e6e05389e834a1a2bf2543dfd64c9 in lucene-solr's branch refs/heads/master from [~simonw] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=7eb74ac ] LUCENE-8164: IndexWriter silently accepts broken payload. This has been fixed via LUCENE-8165 since we are now checking for offset+length going out of bounds. Co-authored-by: Nhat Nguyen Co-authored-by: Robert Muir > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Fix For: master (8.0), 7.5 > > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16510771#comment-16510771 ] ASF subversion and git services commented on LUCENE-8165: - Commit 9ea1fa5356ec3e5f619625a82856c7c235c08714 in lucene-solr's branch refs/heads/branch_7x from [~simonw] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=9ea1fa5 ] LUCENE-8164: IndexWriter silently accepts broken payload. This has been fixed via LUCENE-8165 since we are now checking for offset+length going out of bounds. Co-authored-by: Nhat Nguyen Co-authored-by: Robert Muir > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Fix For: master (8.0), 7.5 > > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504656#comment-16504656 ] Nhat Nguyen commented on LUCENE-8165: - [~rcmuir] I will look at LUCENE-8164 and post the output. > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Fix For: master (8.0), 7.5 > > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504650#comment-16504650 ] Robert Muir commented on LUCENE-8165: - I think these commits may also fix LUCENE-8164 too: I haven't yet tried re-running the test yet to see if it now hits exception. > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Fix For: master (8.0), 7.5 > > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504647#comment-16504647 ] Adrien Grand commented on LUCENE-8165: -- You're welcome. I was also wondering about unexpected side effects, hence branching first. Hopefully this will be less risky in the long term than the leniency of copyOf(Range). > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Fix For: master (8.0), 7.5 > > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504639#comment-16504639 ] Robert Muir commented on LUCENE-8165: - Thanks Adrien: (also for branching first!). I'm sorry I was slow / holding up getting the fixes in: i was worried about the risks of the changes too. > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Fix For: master (8.0), 7.5 > > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504595#comment-16504595 ] Nhat Nguyen commented on LUCENE-8165: - Thanks everyone! > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Fix For: master (8.0), 7.5 > > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504442#comment-16504442 ] ASF subversion and git services commented on LUCENE-8165: - Commit 42b69f39ea5e759f086f7106aea4de85ed4c7e18 in lucene-solr's branch refs/heads/branch_7x from [~dnhatn] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=42b69f3 ] LUCENE-8165: Ban copyOf and copyOfRange. These methods are lenient with out-of-bounds indices. Signed-off-by: Adrien Grand > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504387#comment-16504387 ] ASF subversion and git services commented on LUCENE-8165: - Commit 8a6f1bf5ada407ce75ce7b12a88e8a681d529825 in lucene-solr's branch refs/heads/master from [~dnhatn] [ https://git-wip-us.apache.org/repos/asf?p=lucene-solr.git;h=8a6f1bf ] LUCENE-8165: Ban copyOf and copyOfRange. These methods are lenient with out-of-bounds indices. Signed-off-by: Adrien Grand > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16504366#comment-16504366 ] Simon Willnauer commented on LUCENE-8165: - +1 > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16503521#comment-16503521 ] Uwe Schindler commented on LUCENE-8165: --- +1 > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16503508#comment-16503508 ] Adrien Grand commented on LUCENE-8165: -- +1 I like it. > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16502419#comment-16502419 ] Nhat Nguyen commented on LUCENE-8165: - I've attached a new patch which removes both `Arrays.copyOfRange` and `Arrays.copyOf` using two newly added helper methods in ArrayUtil. Please have a look. Thank you! > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165.patch, LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[
https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16500497#comment-16500497
]
Nhat Nguyen commented on LUCENE-8165:
-
+1: {{copyOfSubArray}} to be more explicit about the fact that it is a copy
> ban Arrays.copyOfRange with forbidden APIs
> --
>
> Key: LUCENE-8165
> URL: https://issues.apache.org/jira/browse/LUCENE-8165
> Project: Lucene - Core
> Issue Type: Bug
>Reporter: Robert Muir
>Priority: Major
> Attachments: LUCENE-8165_copy_of.patch,
> LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch,
> LUCENE-8165_start.patch
>
>
> This method is no good, because instead of throwing AIOOBE for bad bounds, it
> will silently fill with zeros (essentially silent corruption). Unfortunately
> it is used in quite a few places so replacing it with e.g. arrayCopy may
> uncover some interesting surprises.
> See LUCENE-8164 for motivation.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[
https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16500492#comment-16500492
]
Adrien Grand commented on LUCENE-8165:
--
bq. I think our code will be more clear and less error-prone with these helper
methods.
+1 I was going to use something like that too. I understand why someone would
like the explicitness of System.arraycopy, but I miss the type safety and
conciseness of Arrays.copyOf/copyOfRange. Maybe call the second method that you
suggested something like {{copyOfSubArray}} to be more explicit about the fact
that it is a copy?
> ban Arrays.copyOfRange with forbidden APIs
> --
>
> Key: LUCENE-8165
> URL: https://issues.apache.org/jira/browse/LUCENE-8165
> Project: Lucene - Core
> Issue Type: Bug
>Reporter: Robert Muir
>Priority: Major
> Attachments: LUCENE-8165_copy_of.patch,
> LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch,
> LUCENE-8165_start.patch
>
>
> This method is no good, because instead of throwing AIOOBE for bad bounds, it
> will silently fill with zeros (essentially silent corruption). Unfortunately
> it is used in quite a few places so replacing it with e.g. arrayCopy may
> uncover some interesting surprises.
> See LUCENE-8164 for motivation.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16500444#comment-16500444 ] Nhat Nguyen commented on LUCENE-8165: - [~rcmuir] and [~simonw] I've submitted a new patch which removes Arrays#copyOf. This patch is on top of the #copyOfRange patch. I considered introducing `ArrayUtils#growExact(array, newLength)` and `ArrayUtils#subArray(array, from, to)`. Method `ArrayUtils#growExact` will grow an array to the exact given length instead of an over-allocated length like ` ArrayUtils#grow`. I think our code will be more clear and less error-prone with these helper methods. I am open to suggestions. Please have a look when you have time. Thank you! > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165_copy_of.patch, > LUCENE-8165_copy_of_range.patch, LUCENE-8165_start.patch, > LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16497871#comment-16497871 ] Robert Muir commented on LUCENE-8165: - yeah, lets split it up. > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165_copy_of_range.patch, > LUCENE-8165_start.patch, LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16497861#comment-16497861 ] Simon Willnauer commented on LUCENE-8165: - patch looks good to me. [~rcmuir] do you wanna go ahead and commit this and push a separate change for _ Arrays#copyOf_? > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165_copy_of_range.patch, > LUCENE-8165_start.patch, LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16497498#comment-16497498 ] Robert Muir commented on LUCENE-8165: - This looks good, thanks! I had forgotten about this issue, great to have more progress. > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165_copy_of_range.patch, > LUCENE-8165_start.patch, LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16497476#comment-16497476 ] Nhat Nguyen commented on LUCENE-8165: - [~rcmuir] I continued your initial patch and completed the first round which removes all Arrays#copyOfRange usages. I will do another round for Arrays#copyOf. Could you please have a look? Thank you! > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165_copy_of_range.patch, > LUCENE-8165_start.patch, LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16356399#comment-16356399 ] Robert Muir commented on LUCENE-8165: - For the record copyOf does similar lenient filling, but will be even trickier to clean up since about half the uses i see are arguably "valid" (explicitly oversizing arrays for future growth) and the other half are definitely invalid... e.g. when you see it used in asserts in tests, etc, thats wrong. We need to nuke it too: we should use the standard ArrayUtil.grow() for this stuff, so the code is clear, too. And those methods can use arraycopy under the hood. > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165_start.patch, LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (LUCENE-8165) ban Arrays.copyOfRange with forbidden APIs
[ https://issues.apache.org/jira/browse/LUCENE-8165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16356376#comment-16356376 ] Robert Muir commented on LUCENE-8165: - attached starter patch that fixes BytesRef/CharsRef/IntsRef/LongsRef to just use good old arraycopy and adds tests. There are a lot more usages to fix but it demonstrates the problem. > ban Arrays.copyOfRange with forbidden APIs > -- > > Key: LUCENE-8165 > URL: https://issues.apache.org/jira/browse/LUCENE-8165 > Project: Lucene - Core > Issue Type: Bug >Reporter: Robert Muir >Priority: Major > Attachments: LUCENE-8165_start.patch > > > This method is no good, because instead of throwing AIOOBE for bad bounds, it > will silently fill with zeros (essentially silent corruption). Unfortunately > it is used in quite a few places so replacing it with e.g. arrayCopy may > uncover some interesting surprises. > See LUCENE-8164 for motivation. -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
