The following code in io.c should use >= to test whether the starting index is out of bounds. This is repeated in several places in io.c

    if ((off < 0) || (off > datalen)) {
        SignalError(0, JAVAPKG "ArrayIndexOutOfBoundsException", 0);
        return -1;
    }

------------------------------------------------------------------

It turns out to be worse than that. JLS 22.1.2 says that DataInput.readFully throws an exception if "off" is out of range *or* if off+len is greater than the length of the array. JLS 22.3.3 says the same thing for InputStream.read. However, the implementation in io.c silently limits the amount of data read to the length of the array. For example, reading 100 bytes into a 10 byte array *should* throw an exception, but instead it reads 10 bytes.

This means there are *two* violations of the spec in this code.


ken.arnold@East 1996-12-04

----

A clarification: The aforementioned JLS passages allow off to be "out of range"
(i.e., equal to the length of the array) as long as len = 0. But the read
methods of both FileInputStream and RandomAccessFile do violate the spec.

mark.reinhold@Eng 1996-12-05