RFR: 8320971: Use BufferedInputStream.buf directly when param of implTransferTo() is trusted [v5]
Bernd
duke at openjdk.org
Sat Dec 9 12:17:13 UTC 2023
On Sat, 9 Dec 2023 12:09:37 GMT, Markus KARG <duke at openjdk.org> wrote:
>> @mkarg I guess the method can only be implemented by subclasses residing in the same package with `OutputStream`, right?
>>
>> @AlanBateman fixed
>
> @stsypanov Yes but still it is just weird to ask any output stream if *it* is trusted. I mean, it feels just unsecure to ask: "Do *you* pretend to be trusted?" instead of "Do *we* trust you?". I could sleep better if this method would not be part of each OutputStream subclass. We should either move it back to the place where needed, or into some static utility like `OutputStreams::isTrusted(OutputStream)` (mind the plural!), or it should at least be `final`.
And it should not only talk about modifying the buffer. As it’s also about leaking the reference.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/16879#discussion_r1421410743
More information about the core-libs-dev
mailing list