RFR: 8320971: Use BufferedInputStream.buf directly when param of implTransferTo() is trusted [v2]
Bernd
duke at openjdk.org
Fri Dec 1 14:15:07 UTC 2023
On Fri, 1 Dec 2023 14:05:37 GMT, Bernd <duke at openjdk.org> wrote:
>> Did you review if all Java.* streams are safe?
>>
>> There are a few stream adapters in sun.nio.ch, which would benefit this optimization too, unfortunately they wrap the arrays with ByteBuffer.wrap, I guess that’s not safe, so the package can’t be allowed?
>
>> @ecki I've checked the streams in `java.*` and it looks like none of them modifies the incoming `byte[]`
>
> i think modification is not the problem, the querstion is if they get exposed to user code. (but yes the readonly ByteBuffer wrapper looks like a good thing to use more).
> @ecki , what do you think of using read-only `ByteBuffer` instead?
>
> See [#16879 (comment)](https://github.com/openjdk/jdk/pull/16879#discussion_r1410416823)
>
> It looks like there might be `OutputStream extends WritableByteChannel`. Then we won't need to perform deep analysis.
i am not completely sure if exposing buffers is a problem in terms of dirty data and if thats an issue with those wrappers. Well honestly it cant be anissue since we dont have untrusted code, but I understand future undertakings need to take this into account (insert SecurityManager rant here :)
-------------
PR Comment: https://git.openjdk.org/jdk/pull/16879#issuecomment-1836184267
More information about the core-libs-dev
mailing list