if (dataClass == null) {
            // check transformer name
            if (!getName().equals(accessResultData.getTransformerName())) {
                throw new CrawlerSystemException("Transformer is invalid. Use " + accessResultData.getTransformerName()
                        + ". This transformer is " + getName() + ".");
            }

            final byte[] data = accessResultData.getData();

                if ((ch & 0xC0) != 0x80) {
                    throw new IOException("Invalid UTF-8 sequence");
                }
                uni[ui] |= (ch & 0x3F) << 6;
                ch = src[si++] & 0xFF;
                uni[ui] |= ch & 0x3F;
                if ((ch & 0xC0) != 0x80 || uni[ui] < 0x800) {
                    throw new IOException("Invalid UTF-8 sequence");
                }
            } else {

        Type2Message type2Message;
        try {
            type2Message = new Type2Message(Base64.getDecoder().decode(challenge));
        } catch (final IOException exception) {
            throw new NTLMEngineException("Invalid NTLM type 2 message", exception);
        }
        final int type2Flags = type2Message.getFlags();

// very first conversation step) and attempts to move the authentication
// conversation forward.  It returns a string to be sent to the server or an
// error if the server message is invalid.  Calling Step after a conversation
// completes is also an error.
func (x *XDGSCRAMClient) Step(challenge string) (response string, err error) {
	response, err = x.ClientConversation.Step(challenge)
	return response, err
}

                final String pathPrefix = ADMIN_SERVER + token;
                if (!servletPath.startsWith(pathPrefix)) {
                    throw new WebApiException(HttpServletResponse.SC_FORBIDDEN, "Invalid access token.");
                }
                final String path;
                final String value = servletPath.substring(pathPrefix.length());
                if (!value.startsWith("/")) {

            throw new IllegalArgumentException("Master password cannot be null or empty");
        }
        if (salt == null || salt.length != SALT_SIZE) {
            throw new IllegalArgumentException("Invalid salt");
        }

        this.salt = salt.clone();
        this.masterKey = deriveKey(masterPassword, this.salt);

        // Clear the master password after use
        Arrays.fill(masterPassword, '\0');

OkHttp is principled and avoids being overly configurable, especially when such configuration is
to workaround a buggy server, test invalid scenarios or that contradict the relevant RFC.
Other HTTP libraries exist that fill that gap allowing extensive customisation including potentially
invalid requests.

Example Limitations

* Does not allow GET with a body.
* Cache is not an interface with alternative implementations.

        assertTrue(result.startsWith("10111213"));
        assertEquals(64, result.length()); // 32 bytes * 2 chars per byte
    }

    @Test
    @DisplayName("Should handle invalid offset and length parameters")
    void testInvalidParameters() {
        // Given
        byte[] data = createTestData(32);

        // When/Then
        assertThrows(IndexOutOfBoundsException.class, () -> {

	if envHealWorkers := env.Get("_MINIO_HEAL_WORKERS", ""); envHealWorkers != "" {
		if numHealers, err := strconv.Atoi(envHealWorkers); err != nil {
			bugLogIf(context.Background(), fmt.Errorf("invalid _MINIO_HEAL_WORKERS value: %w", err))
		} else {
			workers = numHealers
		}
	}

	if workers == 0 {
		workers = 4
	}

	return &healRoutine{
		tasks:   make(chan healTask),

		if claims.AccessKey != globalActiveCred.AccessKey {
			u, ok := globalIAMSys.GetUser(req.Context(), claims.AccessKey)
			if !ok {
				// Credentials will be invalid but for disabled
				// return a different error in such a scenario.
				if u.Credentials.Status == auth.AccountOff {
					return nil, errAccessKeyDisabled
				}
				return nil, errInvalidAccessKeyID
			}