Charlie Harvey

9 lines of code, 9 billion dollars

Written by Charlie on

Six years ago Oracle, the database company which acquired the Java programming language when Sun Microsystems went titsup in 2009 started a lawsuit claiming that Google, by using some of the Java APIs in its Android operating system.

Background

Google vs oracle After trying to licence Java from Sun in 2005 and failing, Google rewrote the Java APIs that Sun wouldn’t licence it to use. Oracle think that the structure, sequence and organization of these 37 Java APIs is copyrightable. Which is batshit, obviously, but they still reckon they can get $9 billion out of Google (or a tasty out-of-court settlement). Beyond the APIs there is also an allegation that some code was directly copied.

The famous 9 lines

9 lines of code in particular have received a lot of attention this week. They implement a rangeCheck method, written by a dev called Joshua Bloch.

According to fossBytes, Bloch was implementing a sort, based on TimSort. And he wrote these lines of code, which are identical in both the Google and Oracle codebases.

private static void rangeCheck(int arrayLen, int fromIndex, int toIndex { if (fromIndex > toIndex) throw new IllegalArgumentException("fromIndex(" + fromIndex + ") > toIndex(" + toIndex+")"); if (fromIndex < 0) throw new ArrayIndexOutOfBoundsException(fromIndex); if (toIndex > arrayLen) throw new ArrayIndexOutOfBoundsException(toIndex); }

Are they copied?

Well, maybe. Bloch admits the possibility. But most programmers looking at the Java on the page would find it difficult to write this function very differently. This is the most sensible way to write down this idea, at least in Java.

My interpretation here is that Bloch probably didn’t directly copy the code. But if you are expressing an idea in a language, especially in a computer language with its much smaller vocabulary, then the form of the expression is very likely to be nearly identical. And ideas in themselves ought not to be copyrightable, much as some large vested interests wish that not to be the case.

Quick thought

Incidentally, if it were me writing this bit of code, I would put curly braces around the consequents of the if statements. Why? Because doing so decreases the risk that a refactor might introduce a subtle but deadly bug like the oft-quoted Apple gotofail horror.

if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) goto fail; goto fail; if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0) goto fail;

The second goto fail will always run, which had doubleplusungood consequences for the security of Apple’s products. Nasty.


Comments

  • Be respectful. You may want to read the comment guidelines before posting.
  • You can use Markdown syntax to format your comments. You can only use level 5 and 6 headings.
  • You can add class="your language" to code blocks to help highlight.js highlight them correctly.

Privacy note: This form will forward your IP address, user agent and referrer to the Akismet, StopForumSpam and Botscout spam filtering services. I don’t log these details. Those services will. I do log everything you type into the form. Full privacy statement.