RFR: 8320971: Use BufferedInputStream.buf directly when param of implTransferTo() is trusted [v3]
Brian Burkhalter
bpb at openjdk.org
Thu Nov 30 17:27:06 UTC 2023
On Thu, 30 Nov 2023 09:47:05 GMT, Vladimir Sitnikov <vsitnikov at openjdk.org> wrote:
>>> You have to know that it is in the java.io package and it doesn't wrap another stream.
>>
>> That is a good point. In the previous work on this override, we converged on the current implementation to not leak the internal byte[] to the target. It could be special cased for trusted targets but at the cost of auditing and complexity. So more thought needed on this, I don't think the current change can be integrated.
>
> What do you think of adding `OutputStream extends WritableByteChannel`, so `transferTo` could be implemented with `if (target instanceof WritableByteChannel) { target.write(ByteBuffer.wrap(buf, off, len).asReadOnly()); }`?
>
> Read-only byte buffer will not allow modifying the data in the buffer, it would eliminate buffer copies, and adding `write(ByteBuffer)` to `OutputStream` seems reasonable.
> It could be special cased for trusted targets but at the cost of auditing and complexity. So more thought needed on this [...]
Could the target additionally be checked to see whether it is a `FilterOutputStream` and if so not be trusted?
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/16879#discussion_r1411007027
More information about the core-libs-dev
mailing list