You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What steps will reproduce the problem?
1. Write the following java code
char [] first = {'1','2'};
char [] second = {'3','4'};
System.out.println(StringUtilities.union(first,second));
2. Run to get the output
What is the expected output? What do you see instead?
Expect to see: 1, 2, 3, 4
What I see intead: 112234 (One of the char arrays is repeated)
The StringUtils.union method is also used in the generateStrongPassword
functionality and this issue weakens the passwords generated
What version of the product are you using? On what operating system?
ESAPI 2.1.0
Does this issue affect only a specified browser or set of browsers?
Not applicable
Please provide any additional information below.
The issue comes because the StringUtils.union method is wrong.
Correct implementation of this function can be (instead of the current method):
public static char[] union(char[]... list) {
StringBuilder sb = new StringBuilder();
for (char[] characters : list) {
for (int i = 0; i < characters.length; i++) {
if (!contains(sb, characters[i]))
sb.append(characters[i]);
}
}
char[] toReturn = new char[sb.length()];
sb.getChars(0, sb.length(), toReturn, 0);
Arrays.sort(toReturn);
return toReturn;
}
Original issue reported on code.google.com by [email protected] on 23 Mar 2015 at 2:46
The text was updated successfully, but these errors were encountered:
Original issue reported on code.google.com by
[email protected]
on 23 Mar 2015 at 2:46The text was updated successfully, but these errors were encountered: