1 /*
2  * Copyright (c) 2001, Oracle and/or its affiliates. All rights reserved.
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * This code is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 only, as
7  * published by the Free Software Foundation.
8  *
9  * This code is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12  * version 2 for more details (a copy is included in the LICENSE file that
13  * accompanied this code).
14  *
15  * You should have received a copy of the GNU General Public License version
16  * 2 along with this work; if not, write to the Free Software Foundation,
17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18  *
19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20  * or visit www.oracle.com if you need additional information or have any
21  * questions.
22  */
23 
24 /* @test
25  * @bug 4450867
26  * @summary Although technically the behavior of ObjectInputStream following a
27  *          UTFDataFormatException is unspecified, verify that
28  *          ObjectInputStream consumes at most the expected number of utf
29  *          bytes, even if the last byte(s) of the utf string indicate that the
30  *          string overflows its expected length.
31  * @key randomness
32  */
33 
34 import java.io.*;
35 import java.util.Random;
36 
37 public class CorruptedUTFConsumption {
38 
39     static Random rand = new Random(System.currentTimeMillis());
40 
main(String[] args)41     public static void main(String[] args) throws Exception {
42         StringBuffer sbuf = new StringBuffer();
43         ByteArrayOutputStream bout = new ByteArrayOutputStream();
44         DataOutputStream dout = new DataOutputStream(bout);
45 
46         for (int i = 0; i < 1200; i++) {
47             sbuf.append(i % 10);
48             bout.reset();
49             dout.writeUTF(sbuf.toString());
50             byte[] utf = bout.toByteArray();
51 
52             // set last byte to first byte of 2-char sequence
53             utf[utf.length - 1] = (byte) (0xC0 | rand.nextInt() & 0x1F);
54             checkConsume(utf);
55 
56             // set last byte to first byte of 3-char sequence
57             utf[utf.length - 1] = (byte) (0xE0 | rand.nextInt() & 0x0F);
58             checkConsume(utf);
59 
60             if (utf.length >= 4) {      // don't touch utf length bytes
61                 // set last 2 bytes to first, second byte of 3-char sequence
62                 utf[utf.length - 2] = (byte) (0xE0 | rand.nextInt() & 0x0F);
63                 utf[utf.length - 1] = (byte) (0x80 | rand.nextInt() & 0x3F);
64                 checkConsume(utf);
65             }
66         }
67     }
68 
checkConsume(byte[] utf)69     static void checkConsume(byte[] utf) throws Exception {
70         ByteArrayOutputStream bout = new ByteArrayOutputStream();
71         ObjectOutputStream oout = new ObjectOutputStream(bout);
72         oout.write(utf);
73         oout.writeByte(0);      // leave one byte of padding
74         oout.close();
75         ObjectInputStream oin = new ObjectInputStream(
76             new ByteArrayInputStream(bout.toByteArray()));
77         try {
78             oin.readUTF();
79             throw new Error();
80         } catch (UTFDataFormatException ex) {
81         }
82         // if readUTF consumed padding byte, readByte will throw EOFException
83         oin.readByte();
84     }
85 }
86