Iso88591StringBuilder.append seems to have a logic error

[cquezel]

Jetty version(s)
10.0.5, 11.0.5, 12.0.0

Jetty Environment
all

Java version/vendor
N/A

OS type/version
N/A

Description
class: org.eclipse.jetty.util.CharsetStringBuilder.Iso88591StringBuilder
method: public void append(CharSequence chars, int offset, int length)

The Iso88591StringBuilder.append method:

    @Override
    public void append(CharSequence chars, int offset, int length)
    {
        _builder.append(chars, offset, length);
    }

calls _builder.append(chars, offset, length) where _builder is a java java.lang.StringBuilder.

The formal parameters to StringBuilder.append are:

 * @param   s the sequence to append.
 * @param   start   the starting index of the subsequence to be appended.
 * @param   end     the end index of the subsequence to be appended.

Note that the end parameter is not correct. It expects offset + length instead of length.
This creates an java.lang.IndexOutOfBoundsException: start 109, end 0, length 241 (for example)

So the Iso88591StringBuilder.append method should be fixed to:

_builder.append(chars, offset, offset + length);

This is called by
class: org.eclipse.jetty.util.UrlEncoded
method: public static String decodeString(String encoded, int offset, int length, Charset charset)
line: 800 (and many others)

                    buffer = CharsetStringBuilder.forCharset(charset); // line 799
                    buffer.append(encoded, offset, i); // line 800

Line 799 instantiates a Iso88591StringBuilder.
Line 800 calls buffer.append

The actual parameters to buffer.append are:
encoded: the string
offset: start position in encoded
i: the character index after offset (i.e. 0, 1, 2 ...)

How to reproduce?

Any url encoded request using Iso88591

[gregw]

Thanks for the report. I have reproduced and it is indeed a bug that is actually all the way back from jetty 10. Fix coming.