Affected version
HEAD
Bug description
File: src/main/java/org/apache/maven/shared/filtering/MultiDelimiterInterpolatorFilterReaderLineEnding.java
Lines 223 and 246 — The escape-detection loop (line 223) and delimiter-detection loop (line 246) are missing ch == -1 EOF checks. The equivalent single-delimiter class InterpolatorFilterReaderLineEnding correctly includes these checks (lines 206 and 221).
In the escape loop (line 223):
if (ch != getEscapeString().charAt(i) || ch == '\n' && !supportMultiLineFiltering) {
Missing: || ch == -1
In the delimiter loop (line 246):
if (ch != begin.charAt(i) || ch == '\n' && !supportMultiLineFiltering) {
Missing: || ch == -1
When EOF (-1) is encountered during escape string or begin-token matching, (char) ch casts -1 to 0xFFFF, which is appended to the key StringBuilder as a garbage character. In the escape loop this is partially mitigated because the mismatch branch clears the key (key.setLength(0)), but the garbage still appears in the key transiently and the key.append((char) ch) at line 221 runs before any check. In the delimiter loop the garbage char is silently consumed.
Impact: When a file ends during a begin-token or escape-string sequence, the reader can output corrupted data (garbage character inserted) or skip bytes.
Affected version
HEAD
Bug description
File: src/main/java/org/apache/maven/shared/filtering/MultiDelimiterInterpolatorFilterReaderLineEnding.java
Lines 223 and 246 — The escape-detection loop (line 223) and delimiter-detection loop (line 246) are missing ch == -1 EOF checks. The equivalent single-delimiter class InterpolatorFilterReaderLineEnding correctly includes these checks (lines 206 and 221).
In the escape loop (line 223):
if (ch != getEscapeString().charAt(i) || ch == '\n' && !supportMultiLineFiltering) {
Missing: || ch == -1
In the delimiter loop (line 246):
if (ch != begin.charAt(i) || ch == '\n' && !supportMultiLineFiltering) {
Missing: || ch == -1
When EOF (-1) is encountered during escape string or begin-token matching, (char) ch casts -1 to 0xFFFF, which is appended to the key StringBuilder as a garbage character. In the escape loop this is partially mitigated because the mismatch branch clears the key (key.setLength(0)), but the garbage still appears in the key transiently and the key.append((char) ch) at line 221 runs before any check. In the delimiter loop the garbage char is silently consumed.
Impact: When a file ends during a begin-token or escape-string sequence, the reader can output corrupted data (garbage character inserted) or skip bytes.