CODEC-311: Fix possible ArrayIndexOutOfBoundException thrown by RefinedSoundex.getMappingCode() #219
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
|
Hello @arthurscchan |
|
@garydgregory Thanks for the comment. I have added a unit test. |
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## master #219 +/- ##
============================================
- Coverage 92.27% 92.22% -0.05%
- Complexity 1742 1747 +5
============================================
Files 67 67
Lines 4584 4594 +10
Branches 709 714 +5
============================================
+ Hits 4230 4237 +7
- Misses 242 243 +1
- Partials 112 114 +2 ☔ View full report in Codecov by Sentry. |
garydgregory
requested changes
Nov 22, 2023
src/test/java/org/apache/commons/codec/language/RefinedSoundexTest.java
Outdated
Show resolved
Hide resolved
arthurscchan
force-pushed
the
CODEC-311-ArrayIndexOutOfBound
branch
2 times, most recently
from
9abdfbb
to
e1fa662
Compare
|
@arthurscchan |
arthurscchan
changed the title
arthurscchan
changed the title
arthurscchan
force-pushed
the
CODEC-311-ArrayIndexOutOfBound
branch
from
e1fa662
to
0294b50
Compare
Signed-off-by: Arthur Chan <arthur.chan@adalogics.com>
arthurscchan
force-pushed
the
CODEC-311-ArrayIndexOutOfBound
branch
from
0294b50
to
f33a657
Compare
garydgregory
added a commit
that referenced
this pull request
Nov 25, 2023
…edSoundex.getMappingCode() #219
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This fixes a possible ArrayIndexOutOfBoundException in src/main/java/org/apache/commons/codec/language/RefinedSoundex.java thrown by
RefinedSoundex.getMappingCode()method when handling out of range letters.This PR adds a conditional checking to ensure the index is never out of bounds from the configured soundexMapping array. If the calculated index goes out of bounds, it will simply return 0, just like the original logic when Character.isLetter() returns false.
We found this bug using fuzzing by way of OSS-Fuzz. It is reported at https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64353.