*/
    @Test
    @DisplayName("Handle exact boundary data size")
    void testExactBoundarySize() throws CIFSException {
        // Test with data that ends exactly at the position where EOL should be checked
        byte[] data = new byte[0];
        byte[] avPairData = createAvPairData(AvPair.MsvAvTargetName, data);
        byte[] eolData = createEolData();

         * The canonicalization routine
         */
        for (int i = 0; i < length; i++) {
            switch (state) {
            case 0:
                if (in[i] != '/') {
                    // Checked exception (e.g. MalformedURLException) would be better
                    // but this would be a nightmare API wise
                    throw new RuntimeCIFSException("Invalid smb: URL: " + this.url);
                }

		return
	}

	dnList := r.Form["userDNs"]
	isAll := r.Form.Get("all") == "true"
	selfOnly := !isAll && len(dnList) == 0

	if isAll && len(dnList) > 0 {
		// This should be checked on client side, so return generic error
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrInvalidRequest), r.URL)
		return
	}

	// Empty DN list and not self, list access keys for all users
	if isAll {

      } catch (Exception | Error unsafeFailure) { // sneaky checked exception
        thrownUnsafeFailure = unsafeFailure;
        // Catch absolutely everything and fall through to AtomicReferenceFieldUpdaterAtomicHelper.
        try {
          helper = new AtomicReferenceFieldUpdaterAtomicHelper();
        } catch (Exception // sneaky checked exception
            | Error atomicReferenceFieldUpdaterFailure) {

{* ../../docs_src/security/tutorial003_an_py310.py hl[3,79:81] *}

### Check the password { #check-the-password }

At this point we have the user data from our database, but we haven't checked the password.

Let's put that data in the Pydantic `UserInDB` model first.

You should never save plaintext passwords, so, we'll use the (fake) password hashing system.

	pp.SetContentType("image/jpeg")
	pp.SetUserMetadata("uuid", "14365123651274")
	pp.SetKeyStartsWith("user/user1/filename")
	pp.SetContentLengthRange(100, 999999) // not testable from this layer, condition is checked in the API handler.
	pp.SetSuccessStatusAction("201")
	pp.SetCondition("eq", "X-Amz-Credential", "KVGKMDUQ23TCZXTLTHLP/20160727/us-east-1/s3/aws4_request")
	pp.SetCondition("eq", "X-Amz-Algorithm", "AWS4-HMAC-SHA256")

      } catch (Exception | Error unsafeFailure) { // sneaky checked exception
        thrownUnsafeFailure = unsafeFailure;
        // Catch absolutely everything and fall through to AtomicReferenceFieldUpdaterAtomicHelper.
        try {
          helper = new AtomicReferenceFieldUpdaterAtomicHelper();
        } catch (Exception // sneaky checked exception
            | Error atomicReferenceFieldUpdaterFailure) {

	encrypt.SseCustomerKey:       true,
	encrypt.SseCustomerKeyMD5:    true,
}

// checkPostPolicy - apply policy conditions and validate input values.
// Note that content-length-range is checked in the API handler function PostPolicyBucketHandler.
// formValues is the already-canonicalized form values from the POST request.
func checkPostPolicy(formValues http.Header, postPolicyForm PostPolicyForm) error {

    /*
     * Inputs are <every possible 10-character string of characters "a./">
     *
     * Expected outputs are generated by the code itself, but they've been
     * checked against the inputs under Bash in order to confirm that the two
     * forms are equivalent (though not necessarily minimal, though we hope this
     * to be the case). Thus, this test is more of a regression test.
     *

  }

  @SuppressWarnings("CatchingUnchecked") // sneaky checked exception
  protected final boolean supportsValuesHashCode(Map<K, V> map) {
    // get the first non-null value
    Collection<V> values = map.values();
    for (V value : values) {
      if (value != null) {
        try {
          int unused = value.hashCode();
        } catch (Exception e) { // sneaky checked exception
          return false;
        }