StringIndexOutOfBoundsException when traceparent is too small

[alysyk]

Please answer these questions before submitting a bug report.

What version of OpenCensus are you using?

0.24.0

What JVM are you using (java -version)?

1.8

What did you do?

When using OcHttpServletFilter and the trace id is too short, TraceContextFormat's argument check, will throw a StringIndexOutOfBoundsException which is not caught.

What did you expect to see?

TraceContextFormat throws a SpanContextParseException and does not throw an uncaught exception

What did you see instead?

Uncaught StringIndexOutOfBoundsException at the application level

Additional context

By re-ordering to check length first, this issue should be caught

checkArgument(
  (traceparent.length() == TRACEPARENT_HEADER_SIZE || (traceparent.length() > TRACEPARENT_HEADER_SIZE && traceparent.charAt(TRACEPARENT_HEADER_SIZE) == TRACEPARENT_DELIMITER))
  && traceparent.charAt(TRACE_OPTION_OFFSET - 1) == TRACEPARENT_DELIMITER 
  && traceparent.charAt(SPAN_ID_OFFSET - 1) == TRACEPARENT_DELIMITER,
  "Missing or malformed TRACEPARENT.");

[dengliming]

You were right. and traceparent.charAt(TRACE_OPTION_OFFSET - 1) == TRACEPARENT_DELIMITER this line is duplicated.

[dengliming]

@alysyk Can you share your reproducing code here?

[alysyk]

If traceparent is an empty string, you'll throw a StringIndexOutOfBoundsException.

[Bharath-Ganesh]

I see that the aforementioned issue was raised a couple of years back. Can I take this over if it hasn't been resolved yet?
/assign