RFR: 8320971: Use BufferedInputStream.buf directly when param of implTransferTo() is trusted [v2]

Bernd duke at openjdk.org
Fri Dec 1 14:15:07 UTC 2023


On Fri, 1 Dec 2023 14:05:37 GMT, Bernd <duke at openjdk.org> wrote:

>> Did you review if all Java.* streams are safe?
>> 
>> There are a few stream adapters in sun.nio.ch which would benefit from this optimization too; unfortunately they wrap the arrays with ByteBuffer.wrap. I guess that's not safe, so the package can't be allowed?
>
>> @ecki I've checked the streams in `java.*` and it looks like none of them modifies the incoming `byte[]`
> 
> I think modification is not the problem; the question is whether they get exposed to user code. (But yes, the read-only ByteBuffer wrapper looks like a good thing to use more.)

> @ecki , what do you think of using read-only `ByteBuffer` instead?
> 
> See [#16879 (comment)](https://github.com/openjdk/jdk/pull/16879#discussion_r1410416823)
> 
> It looks like there might be `OutputStream extends WritableByteChannel`. Then we won't need to perform deep analysis.

I am not completely sure if exposing buffers is a problem in terms of dirty data and if that's an issue with those wrappers. Well, honestly it can't be an issue since we don't have untrusted code, but I understand future undertakings need to take this into account (insert SecurityManager rant here :)

-------------

PR Comment: https://git.openjdk.org/jdk/pull/16879#issuecomment-1836184267
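
An added illustration of the question raised in this thread (not code from the PR or from the JDK): what a sink can do with a buffer handed to it as `ByteBuffer.wrap(buf)` versus as a read-only view. `RetainingSink` and the sample bytes are hypothetical stand-ins for user code and for an internal buffer such as `BufferedInputStream.buf`.

```java
import java.nio.ByteBuffer;
import java.nio.ReadOnlyBufferException;
import java.nio.channels.WritableByteChannel;
import java.nio.charset.StandardCharsets;

public class BufferExposureDemo {
    // Hypothetical sink standing in for user code that keeps whatever it is handed.
    static final class RetainingSink implements WritableByteChannel {
        ByteBuffer retained;
        @Override public int write(ByteBuffer src) {
            retained = src.duplicate();   // keep a view of the caller's buffer
            int n = src.remaining();
            src.position(src.limit());    // report everything as consumed
            return n;
        }
        @Override public boolean isOpen() { return true; }
        @Override public void close() { }
    }

    public static void main(String[] args) {
        // Constructed stand-in for an internal buffer.
        byte[] internal = "first chunk".getBytes(StandardCharsets.US_ASCII);

        // 1. ByteBuffer.wrap: the backing array itself is reachable and writable.
        RetainingSink a = new RetainingSink();
        a.write(ByteBuffer.wrap(internal));
        System.out.println("wrap: hasArray=" + a.retained.hasArray()
                + ", same array=" + (a.retained.array() == internal));

        // 2. Read-only view: no array access and no writes through the buffer.
        RetainingSink b = new RetainingSink();
        b.write(ByteBuffer.wrap(internal).asReadOnlyBuffer());
        System.out.println("read-only: hasArray=" + b.retained.hasArray());
        try {
            b.retained.put(0, (byte) 'X');
        } catch (ReadOnlyBufferException e) {
            System.out.println("read-only: put rejected");
        }

        // 3. The view still tracks the array, so a retained buffer observes
        //    whatever a later refill of the internal buffer puts there.
        byte[] refill = "OTHER DATA!".getBytes(StandardCharsets.US_ASCII);
        System.arraycopy(refill, 0, internal, 0, internal.length);
        byte[] seen = new byte[internal.length];
        b.retained.get(seen);
        System.out.println("retained view now reads: "
                + new String(seen, StandardCharsets.US_ASCII));
    }
}
```

A read-only view blocks writes and hides the array, but it is not a copy: a sink that retains it still reads later contents of the same array.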


More information about the core-libs-dev mailing list