RFR: 8320971: Use BufferedInputStream.buf directly when param of implTransferTo() is trusted [v5]

Markus KARG duke at openjdk.org
Sat Dec 9 12:12:15 UTC 2023


On Fri, 8 Dec 2023 20:16:43 GMT, Sergey Tsypanov <stsypanov at openjdk.org> wrote:

>> src/java.base/share/classes/java/io/OutputStream.java line 212:
>> 
>>> 210:      * @return true if the argument of {@link #write(byte[])}} and {@link #write(byte[], int, int)}} needn't be copied
>>> 211:      */
>>> 212:     boolean trusted() {
>> 
>> This is a strange construction. Any subclass could simply implement this as `return true;`. Where is the guard against this, and why not doing it that way?
>
> @mkarg I guess the method can only be implemented by subclasses residing in the same package with `OutputStream`, right?
> 
> @AlanBateman fixed

@stsypanov Yes but still it is just weird to ask any output stream if *it* is trusted. I mean, it feels just unsecure to ask: "Do *you* pretend to be trusted?" instead of "Do *we* trust you?". I could sleep better if this method would not be part of each OutputStream subclass. We should either move it back to the place where needed, or into some static utility like `OutputStreams::isTrusted(OutputStream)` (mind the plural!), or it should at least be `final`.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/16879#discussion_r1421410216


More information about the core-libs-dev mailing list