From: Nick Burch <nick@apache.org>
Date: Wed, 29 May 2013 17:25:40 +0000 (+0000)
Subject: Fix bug #54682 - UnhandledDataStructure should sanity check before allocating, not... 
X-Git-Tag: 3.10-beta1~44
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=25bc679244188d63de690354db0e3f301291e252;p=poi.git

Fix bug #54682 - UnhandledDataStructure should sanity check before allocating, not after

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1487555 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/src/scratchpad/src/org/apache/poi/hwpf/model/UnhandledDataStructure.java b/src/scratchpad/src/org/apache/poi/hwpf/model/UnhandledDataStructure.java
index 441ec0310b..6cf53f7460 100644
--- a/src/scratchpad/src/org/apache/poi/hwpf/model/UnhandledDataStructure.java
+++ b/src/scratchpad/src/org/apache/poi/hwpf/model/UnhandledDataStructure.java
@@ -17,8 +17,15 @@
 
 package org.apache.poi.hwpf.model;
 
+import java.util.Arrays;
+
 import org.apache.poi.util.Internal;
 
+/**
+ * A data structure used to hold some data we don't
+ *  understand / can't handle, so we have it available
+ *  for when we come to write back out again 
+ */
 @Internal
 public final class UnhandledDataStructure
 {
@@ -26,14 +33,20 @@ public final class UnhandledDataStructure
 
   public UnhandledDataStructure(byte[] buf, int offset, int length)
   {
-//    System.out.println("Yes, using my code");
-    _buf = new byte[length];
+    // Sanity check the size they've asked for
     if (offset + length > buf.length)
     {
-      throw new IndexOutOfBoundsException("buffer length is " + buf.length +
-                                          "but code is trying to read " + length + " from offset " + offset);
+      throw new IndexOutOfBoundsException("Buffer Length is " + buf.length + " " +
+                                          "but code is tried to read " + length + " from offset " + offset);
+    }
+    if (offset < 0 || length < 0)
+    {
+       throw new IndexOutOfBoundsException("Offset and Length must both be >= 0, negative " +
+       		"indicies are not permitted - code is tried to read " + length + " from offset " + offset);
     }
-    System.arraycopy(buf, offset, _buf, 0, length);
+    
+    // Save that requested portion of the data 
+    _buf = Arrays.copyOfRange(buf, offset, offset + length);
   }
 
   byte[] getBuf()