From 95bc7e1345ead598bbdb757785c0c11077a315f5 Mon Sep 17 00:00:00 2001
From: Alex Herbert <aherbert@apache.org>
Date: Sat, 28 Dec 2019 10:52:26 +0000
Subject: [PATCH] Make the length check overflow safe.

---
 .../java/org/apache/commons/codec/digest/MurmurHash3.java    | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/apache/commons/codec/digest/MurmurHash3.java b/src/main/java/org/apache/commons/codec/digest/MurmurHash3.java
index 45bc4c3351..31433fbc12 100644
--- a/src/main/java/org/apache/commons/codec/digest/MurmurHash3.java
+++ b/src/main/java/org/apache/commons/codec/digest/MurmurHash3.java
@@ -1030,8 +1030,9 @@ public final void add(final byte[] data, final int offset, final int length) {
             //                main block
             //                                remaining
 
-            // Check if the unprocessed bytes and new bytes can fill a block of 4
-            if (unprocessedLength + length < BLOCK_SIZE) {
+            // Check if the unprocessed bytes and new bytes can fill a block of 4.
+            // Make this overflow safe in the event that length is Integer.MAX_VALUE.
+            if (unprocessedLength + length - BLOCK_SIZE < 0) {
                 // Not enough so add to the unprocessed bytes
                 System.arraycopy(data, offset, unprocessed, unprocessedLength, length);
                 unprocessedLength += length;