search

yomorun / hashids-java

Hashids algorithm v1.0.0 implementation in Java
http://hashids.org
MIT License
1.02k stars 156 forks source link

ArrayIndexOutOfBoundsException #45

Closed 0x3333 closed 7 years ago

0x3333 commented 7 years ago

From issue Issue 43 - kmandeville:

I have found two other occurrences where I get ArrayIndexOutOfBoundsException from deep in the HashIds code. Hashids hashids = new Hashids("this is my salt"); long[] numbers = hashids.decode("[]");

and

Hashids hashids = new Hashids("this is my salt"); long[] numbers = hashids.decode("()");

Like the original submitter above, these aren't valid hashes, but I'm running into these errors in my web app because someone COULD put these characters in as an ID in a URL accidentally or on purpose. My app is just passing in these characters directly into HashIds. I would expect something other than ArrayIndexOutOfBoundsExceptions.

0x3333 commented 7 years ago

Fixed, instead finding all charAt that could throw an ArrayIndexOutOfBoundsException, I validate the decode method input, in case of invalid chars, return an empty array(Default JS implementation behaviour).

kmandeville commented 7 years ago

Will there be a new release in the near future? I'd rather not have to use a snapshot version

0x3333 commented 7 years ago

@kmandeville I don't think this fix should produce a new release, I issued a release May 29, 2017.

I'm waiting fanweixiao response about removing some deprecated methods and after his response a new release should be issued on July/August...

kmandeville commented 7 years ago

I didn't expect there to be one just for this fix. Was just wondering what the current plan was so I could plan on my side accordingly. Thank you!

0x3333 commented 7 years ago

No problem! Subscribe to the issue #44 , when it got fixed probably we will have a new release! Thanks for your help!

0x3333 commented 7 years ago

Just to inform a new version has been issued! 1.0.3.