From 1ed7d2cad511aa35f74ccb5d11374efffba40b4d Mon Sep 17 00:00:00 2001
From: jmestwa-coder <jmestwa@gmail.com>
Date: Sat, 2 May 2026 21:39:29 +0530
Subject: [PATCH] guard against integer overflow in write()

---
 .../java/org/apache/wicket/util/io/ByteArrayOutputStream.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/wicket-util/src/main/java/org/apache/wicket/util/io/ByteArrayOutputStream.java b/wicket-util/src/main/java/org/apache/wicket/util/io/ByteArrayOutputStream.java
index 228c910ab57..7d752243ca6 100644
--- a/wicket-util/src/main/java/org/apache/wicket/util/io/ByteArrayOutputStream.java
+++ b/wicket-util/src/main/java/org/apache/wicket/util/io/ByteArrayOutputStream.java
@@ -172,6 +172,10 @@ else if (len == 0)
 			return;
 		}
 		int newcount = count + len;
+		if (newcount < 0)
+		{
+			throw new IndexOutOfBoundsException("Total size too large: " + newcount);
+		}
 		int remaining = len;
 		int inBufferPos = count - filledBufferSum;
 		while (remaining > 0)