Package: kaffe-common Version: 2:1.1.5-3 Severity: normal
There is a bug in how KaffeEncoder manages its character buffer. In the corner case, the bug results in an exception when an application program uses functionality that is implemented using this class. A simple test program prints 4096 stars and one dot on other JVMs but throws an exception on Kaffe: import java.io.OutputStreamWriter; class KaffeWriterBug { public static void main(String args[]) throws Exception { OutputStreamWriter w = new OutputStreamWriter(System.out); for (int i=0; i<4096; i++) w.write("*"); w.write('.'); w.flush(); } } The buggy case is the use of the method write(char) after a call to the method write(String) that has filled the character buffer in KaffeEncoder (4096 characters). A simple fix is to ensure in both methods adding to the buffer that the buffer isn't full when the method returns. It seems that after the release of 1.1.5 the source file in question has been removed from the upstream CVS, the functionality re-implemented with java.nio. Attached is a patch that makes write(String) flush the buffer also when the write would fill the buffer but not overflow it. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686 Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) Versions of packages kaffe-common depends on: ii java-common 0.22 Base of all Java packages -- no debconf information
diff -Naur kaffe-1.1.5/kaffe-1.1.5/libraries/javalib/gnu/java/io/encode/KaffeEncoder.java kaffe-1.1.5-writerfix/kaffe-1.1.5/libraries/javalib/gnu/java/io/encode/KaffeEncoder.java --- kaffe-1.1.5/kaffe-1.1.5/libraries/javalib/gnu/java/io/encode/KaffeEncoder.java 2005-05-09 02:46:54.161378288 +0300 +++ kaffe-1.1.5-writerfix/kaffe-1.1.5/libraries/javalib/gnu/java/io/encode/KaffeEncoder.java 2005-05-09 03:35:41.461361048 +0300 @@ -151,7 +151,7 @@ write(char[] buf, int offset, int len) throws IOException { synchronized (lock) { - if (len > buffer.length - ptr) { + if (len >= buffer.length - ptr) { localFlush(); _write(buf, offset, len); } else if (len == 1) {