Issues
- UUID version not correctly validatedHV-2067Resolved issue: HV-2067Marko Bekhta
- Upgrade ByteBuddy to a version with JDK 21 supportHV-2028
- Validator.validateValue() prints no violations on an interfaceHV-2018Resolved issue: HV-2018Marko Bekhta
- New Alphanumeric CNPJHV-1999Resolved issue: HV-1999Marko Bekhta
- Upgrade jboss-logging to latest version (3.6.0)HV-1988Resolved issue: HV-1988Marko Bekhta
- Expression Language not propagated to iterable nodeHV-1978Resolved issue: HV-1978Marko Bekhta
- Annotation processor does not account for additional constraint definitions registered via service loadingHV-1972
- CNPJ with all digits the sameHV-1971Resolved issue: HV-1971Eduardo Soares
- Remove relativePath in pom because it's defaultHV-1962Resolved issue: HV-1962Karl Heinz Marbaise
- Upgrade maven-surefire-plugin/maven-failsafe-plugin version to 3.1.2HV-1961Resolved issue: HV-1961Karl Heinz Marbaise
- JDK 17 : Jmigrate Finding (Remove dependency on * javafx/beans)HV-1960Resolved issue: HV-1960
11 of 11
UUID version not correctly validated
Fixed
Description
Environment
Validator 8.0.1.Final, Java23.28+85-CA (Zulu)
Attachments
2
Details
Assignee
Marko BekhtaMarko BekhtaReporter
Pasqual KoschmiederPasqual KoschmiederBug Testcase Reminder (view)
Bug reports should generally be accompanied by a test case!
Bug Testcase Reminder (edit)
Bug reports should generally be accompanied by a test case!
Participants
Marko BekhtaPasqual KoschmiederComponents
Fix versions
Affects versions
Priority
Major
Details
Details
Assignee
Marko Bekhta
Marko Bekhta
Reporter
Pasqual Koschmieder
Pasqual Koschmieder
Bug Testcase Reminder (view)
Bug reports should generally be accompanied by a test case!
Bug Testcase Reminder (edit)
Bug reports should generally be accompanied by a test case!
Participants
Marko Bekhta
Pasqual Koschmieder
Components
Fix versions
Affects versions
Priority
MajorCreated December 8, 2024 at 12:02 AM
Updated December 13, 2024 at 5:40 PM
Resolved December 12, 2024 at 11:00 AM
Activity
Show:
Marko BekhtaDecember 9, 2024 at 8:43 AM
Hey, thanks for bringing this up!
Using a UUID constraint which specifies a specific version to match, the version is actually ignored and all uuid versions can pass the constraint. An example would be this constraint:
@UUID(version = 4, allowNil = false) String idwhich should only allow UUID version 4, however the following UUID (v5) passes the constraint as well:
8d197d51-1b98-5f5a-afca-71868d272705This constraint & input combination results in the following state in UUIDValidator:
which correctly identified the versions from the constraint (4) and the version of the input uuid (5). However, the following binary search if the allowed versions array contains the uuid version checks for a return value of -1, which is incorrect as the method returns the possible insertion point which, in this case, can only be -2 or lower (for elements that are not yet in the array) as the array already contains one element (the insertion point is based on the order of the array, so 5 returns -2 because it would be after 4 in the array, but e.g. 3 would return -1 as it would be in front of 4):