Project Coin: Inducing contributory heap pollution
Joe Darcy
joe.darcy at oracle.com
Thu Jun 10 19:50:23 PDT 2010

Reinier Zwitserloot wrote:
> As I've mentioned before in regards to this topic, there's a list of
> things you can do to a potentially polluted array that are perfectly
> safe (or at least as safe as anything else with generics is):
>
> 1. ask for its length: param.length
> 2. iterate over it in a foreach: for (Whatever x : param) { ... }
> 3. read (not write) a value from it: Whatever x = param[whatever];
> 4. use it as parameter to another method where that parameter is also
> marked as "polluted array safe" - e.g. @SuppressWarnings("varargs").
> For example, if Arrays.asList() is given the marker (which it should,
> nothing bad happens), then calling Arrays.asList(param) can't result
> in bad things either.

Just noting that given the defined semantics of the for-each loop on an
array, point 2 would be implied by points 1 and 3; although it is good
to call out separately.

A good start at validating such rules is looking at the implementations
of the JDK methods where the TrustMeOnVarargs annotation would be
helpful; iterating over the elements in a for-each loop and passing the
array along as a method parameter are the operations that occur in the
three methods.

-Joe
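
The distinction drawn in this message, as an added Java example that is not part of the original thread or of the JDK: one varargs method restricted to the four listed operations, beside one that writes to the array and so contributes heap pollution. The class and method names are hypothetical, and `@SafeVarargs` (the annotation available in Java 7 and later) stands in for the "polluted array safe" marker discussed above.

```java
import java.util.Arrays;
import java.util.List;

public class VarargsPollutionDemo {

    // Only the four operations from the list: length, for-each, element read,
    // and hand-off to another method that is itself safe (Arrays.asList).
    @SafeVarargs
    static <T> String safeDescribe(List<T>... param) {
        StringBuilder sb = new StringBuilder("n=" + param.length);  // 1. length
        for (List<T> x : param) {                                   // 2. for-each
            sb.append(' ').append(x.size());
        }
        List<T> first = param.length > 0 ? param[0] : null;         // 3. read, no write
        List<List<T>> view = Arrays.asList(param);                  // 4. pass along
        return sb.append(" first=").append(first)
                 .append(" view=").append(view.size()).toString();
    }

    // Not safe: a write through an Object[] alias of the generic array.
    // The array's runtime type is List[], so the store check passes and a
    // List<Integer> ends up where the static type promises List<String>.
    static String unsafeWrite(List<String>... lists) {
        Object[] alias = lists;          // legal: arrays are covariant
        alias[0] = Arrays.asList(42);    // the polluting write
        return lists[0].get(0);          // compiler-inserted cast to String fails here
    }

    public static void main(String[] args) {
        // Constructed sample inputs.
        System.out.println(safeDescribe(Arrays.asList("a", "b"), Arrays.asList("c")));
        try {
            unsafeWrite(Arrays.asList("a"));
        } catch (ClassCastException e) {
            // The failure appears at the read, far from the write that caused it.
            System.out.println("heap pollution surfaced: " + e.getMessage());
        }
    }
}
```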