RFR: 8319079: Missing range checks in decora
Nir Lisker
nlisker at openjdk.org
Mon Oct 30 11:25:47 UTC 2023
On Mon, 30 Oct 2023 06:55:11 GMT, Jayathirth D V <jdv at openjdk.org> wrote:
> In SW pipeline path of Box/Gaussian Blur/Shadow effects we are not checking for range when we read data from the source/destination buffers in native code.
>
> We need to add appropriate range checks in native JNI code also apart from range checks in Java side to make sure that wherever these JNI methods are used we are not performing out of bounds access.
modules/javafx.graphics/src/main/native-decora/SSELinearConvolveShadowPeer.cc line 133:
> 131: dstrows > srcrows) { // We should not move out of source vertical bounds
> 132: return;
> 133: }
Instead of copy-pasting the same checks in all the missing places, isn't it better to create a check method (say in `SSEUtils`) and call if from all the places? Like in the style of `java.util.Objects::checkRange`.
-------------
PR Review Comment: https://git.openjdk.org/jfx/pull/1272#discussion_r1376047953
More information about the openjfx-dev
mailing list