Avoid overreading of InputStream in copyRange

Closes gh-32695

Author: jhoeller

spring-core/src/main/java/org/springframework/util/StreamUtils.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -177,18 +177,13 @@ public static long copyRange(InputStream in, OutputStream out, long start, long
 		long bytesToCopy = end - start + 1;
 		byte[] buffer = new byte[(int) Math.min(StreamUtils.BUFFER_SIZE, bytesToCopy)];
 		while (bytesToCopy > 0) {
-			int bytesRead = in.read(buffer);
+			int bytesRead = (bytesToCopy < buffer.length ? in.read(buffer, 0, (int) bytesToCopy) :
+					in.read(buffer));
 			if (bytesRead == -1) {
 				break;
 			}
-			else if (bytesRead <= bytesToCopy) {
-				out.write(buffer, 0, bytesRead);
-				bytesToCopy -= bytesRead;
-			}
-			else {
-				out.write(buffer, 0, (int) bytesToCopy);
-				bytesToCopy = 0;
-			}
+			out.write(buffer, 0, bytesRead);
+			bytesToCopy -= bytesRead;
 		}
 		return (end - start + 1 - bytesToCopy);
 	}
@@ -202,7 +197,9 @@ else if (bytesRead <= bytesToCopy) {
 	 * @since 4.3
 	 */
 	public static int drain(@Nullable InputStream in) throws IOException {
-		Assert.notNull(in, "No InputStream specified");
+		if (in == null) {
+			return 0;
+		}
 		return (int) in.transferTo(OutputStream.nullOutputStream());
 	}
 

spring-core/src/test/java/org/springframework/util/StreamUtilsTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2023 the original author or authors.
+ * Copyright 2002-2024 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -38,13 +38,15 @@
  * Tests for {@link StreamUtils}.
  *
  * @author Phillip Webb
+ * @author Juergen Hoeller
  */
 class StreamUtilsTests {
 
 	private byte[] bytes = new byte[StreamUtils.BUFFER_SIZE + 10];
 
 	private String string = "";
 
+
 	@BeforeEach
 	void setup() {
 		new Random().nextBytes(bytes);
@@ -53,6 +55,7 @@ void setup() {
 		}
 	}
 
+
 	@Test
 	void copyToByteArray() throws Exception {
 		InputStream inputStream = new ByteArrayInputStream(bytes);
@@ -91,11 +94,30 @@ void copyStream() throws Exception {
 	}
 
 	@Test
-	void copyRange() throws Exception {
+	void copyRangeWithinBuffer() throws Exception {
+		ByteArrayOutputStream out = new ByteArrayOutputStream();
+		ByteArrayInputStream in = new ByteArrayInputStream(bytes);
+		StreamUtils.copyRange(in, out, 0, 100);
+		assertThat(in.available()).isEqualTo(bytes.length - 101);
+		assertThat(out.toByteArray()).isEqualTo(Arrays.copyOfRange(bytes, 0, 101));
+	}
+
+	@Test
+	void copyRangeBeyondBuffer() throws Exception {
 		ByteArrayOutputStream out = new ByteArrayOutputStream();
-		StreamUtils.copyRange(new ByteArrayInputStream(bytes), out, 0, 100);
-		byte[] range = Arrays.copyOfRange(bytes, 0, 101);
-		assertThat(out.toByteArray()).isEqualTo(range);
+		ByteArrayInputStream in = new ByteArrayInputStream(bytes);
+		StreamUtils.copyRange(in, out, 0, 8200);
+		assertThat(in.available()).isEqualTo(1);
+		assertThat(out.toByteArray()).isEqualTo(Arrays.copyOfRange(bytes, 0, 8201));
+	}
+
+	@Test
+	void copyRangeBeyondAvailable() throws Exception {
+		ByteArrayOutputStream out = new ByteArrayOutputStream();
+		ByteArrayInputStream in = new ByteArrayInputStream(bytes);
+		StreamUtils.copyRange(in, out, 0, 8300);
+		assertThat(in.available()).isEqualTo(0);
+		assertThat(out.toByteArray()).isEqualTo(Arrays.copyOfRange(bytes, 0, 8202));
 	}
 
 	@Test
@@ -127,4 +149,5 @@ void nonClosingOutputStream() throws Exception {
 		ordered.verify(source).write(bytes, 1, 2);
 		ordered.verify(source, never()).close();
 	}
+
 }