-
Notifications
You must be signed in to change notification settings - Fork 230
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CODEC-311: Fix possible ArrayIndexOutOfBoundException thrown by RefinedSoundex.getMappingCode() #219
CODEC-311: Fix possible ArrayIndexOutOfBoundException thrown by RefinedSoundex.getMappingCode() #219
Conversation
Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
Hello @arthurscchan |
@garydgregory Thanks for the comment. I have added a unit test. |
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## master #219 +/- ##
============================================
- Coverage 92.27% 92.22% -0.05%
- Complexity 1742 1747 +5
============================================
Files 67 67
Lines 4584 4594 +10
Branches 709 714 +5
============================================
+ Hits 4230 4237 +7
- Misses 242 243 +1
- Partials 112 114 +2 ☔ View full report in Codecov by Sentry. |
src/test/java/org/apache/commons/codec/language/RefinedSoundexTest.java
Outdated
Show resolved
Hide resolved
9abdfbb
to
e1fa662
Compare
@arthurscchan |
e1fa662
to
0294b50
Compare
Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
0294b50
to
f33a657
Compare
…edSoundex.getMappingCode() #219
This fixes a possible ArrayIndexOutOfBoundException in src/main/java/org/apache/commons/codec/language/RefinedSoundex.java thrown by
RefinedSoundex.getMappingCode()
method when handling out of range letters.This PR adds a conditional checking to ensure the index is never out of bounds from the configured soundexMapping array. If the calculated index goes out of bounds, it will simply return 0, just like the original logic when Character.isLetter() returns false.
We found this bug using fuzzing by way of OSS-Fuzz. It is reported at https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64353.