ppkarwasz commented on PR #1379: URL: https://github.com/apache/commons-lang/pull/1379#issuecomment-2862166291
> Added a length restriction to `RandomStringutils`, limiting the cache to 60M entries. Because of rejections the bitIndex in the underling cache can overflow when right shifting. Also added a test to verify the fix. The problem is caused by an integer overflow of `bitIndex` in: https://github.com/apache/commons-lang/blob/a511a163b579fdaafa81fb6ca908034d32291871/src/main/java/org/apache/commons/lang3/CachedRandomBits.java#L95 A simpler solution would be to: - Change the type of `bitIndex` to `long`, so it can count up to `8 * Integer.MAX_VALUE` - Refactor the expression that computes the `cacheSize` argument in a way that it does not overflow: https://github.com/apache/commons-lang/blob/a511a163b579fdaafa81fb6ca908034d32291871/src/main/java/org/apache/commons/lang3/RandomStringUtils.java#L332 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
