Skip to content

Commit 21922c1

Browse files
jfreejfree
committed
Changes from jfree#397 
1 parent 2fc918e commit 21922c1

File tree

2 files changed

+14
-5
lines changed

2 files changed

+14
-5
lines changed

src/main/java/org/jfree/chart/plot/compass/CompassPlot.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -456,7 +456,7 @@ public void setSeriesNeedle(int index, int type) {
456456
* @param needle the needle.
457457
*/
458458
public void setSeriesNeedle(int index, MeterNeedle needle) {
459-
if ((needle != null) && (index < this.seriesNeedle.length)) {
459+
if ((needle != null) && (index >= 0) && (index < this.seriesNeedle.length)) {
460460
this.seriesNeedle[index] = needle;
461461
}
462462
fireChangeEvent();

src/test/java/org/jfree/chart/plot/compass/CompassPlotTest.java

Lines changed: 13 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -50,13 +50,13 @@
5050
/**
5151
* Tests for the {@link CompassPlot} class.
5252
*/
53-
public class CompassPlotTest {
53+
class CompassPlotTest {
5454

5555
/**
5656
* Test the equals() method.
5757
*/
5858
@Test
59-
public void testEquals() {
59+
void testEquals() {
6060
CompassPlot plot1 = new CompassPlot();
6161
CompassPlot plot2 = new CompassPlot();
6262
assertEquals(plot1, plot2);
@@ -108,7 +108,7 @@ public void testEquals() {
108108
* Serialize an instance, restore it, and check for equality.
109109
*/
110110
@Test
111-
public void testSerialization() {
111+
void testSerialization() {
112112
CompassPlot p1 = new CompassPlot(null);
113113
p1.setRosePaint(new GradientPaint(1.0f, 2.0f, Color.RED, 3.0f, 4.0f,
114114
Color.BLUE));
@@ -125,12 +125,21 @@ public void testSerialization() {
125125
* @throws java.lang.CloneNotSupportedException
126126
*/
127127
@Test
128-
public void testCloning() throws CloneNotSupportedException {
128+
void testCloning() throws CloneNotSupportedException {
129129
CompassPlot p1 = new CompassPlot(new DefaultValueDataset(15.0));
130130
CompassPlot p2 = CloneUtils.clone(p1);
131131
assertNotSame(p1, p2);
132132
assertSame(p1.getClass(), p2.getClass());
133133
assertEquals(p1, p2);
134134
}
135135

136+
/**
137+
* Test faulty array bounds; CVE-2024-23077.
138+
*/
139+
@Test
140+
void testArrayBounds() {
141+
CompassPlot p = new CompassPlot(new DefaultValueDataset(0));
142+
p.setSeriesNeedle(-1, new PointerNeedle());
143+
}
144+
136145
}

0 commit comments

Comments
 (0)