fix(photon-targeting): correct off-by-one bounds checks in Packet decode methods#2528
Open
JosephTLockwood wants to merge 1 commit into
Open
fix(photon-targeting): correct off-by-one bounds checks in Packet decode methods#2528JosephTLockwood wants to merge 1 commit into
JosephTLockwood wants to merge 1 commit into
Conversation
…ode methods Every decode method under-counted the bytes it was about to read: decodeByte/decodeBoolean checked for zero remaining bytes instead of one, decodeShort for one instead of two, decodeInt/decodeFloat for three instead of four, and decodeLong/decodeDouble for seven instead of eight. A packet truncated at exactly the boundary would read past the end of the array and throw ArrayIndexOutOfBoundsException instead of returning the documented default value. Fix the arithmetic only - the return-default-on-underflow contract is unchanged. Boundary tests cover each decoder at exact-fit and one-byte-short, including reads at a non-zero readPos.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Packet's decode methods guarded each read withreadPos + (N - 1)instead ofreadPos + N, so a decode that needs the last N bytes could read one byte past the end of the buffer.decodeBytewithreadPos == lengththrowsArrayIndexOutOfBoundsException— the crash reported in #2376 on 2026.2.2 (Packet.decodeByte, "Index 34 out of bounds for length 34").Each guard is corrected to
readPos + N, andPacketTestadds boundary cases for every decode method (exact-fit decode succeeds; one byte short returns the default instead of throwing).Closes #2376
Meta
Merge checklist: