RFR [9] 8138978: Examine usages of sun.misc.IOUtils

Paul Sandoz paul.sandoz at oracle.com
Thu Oct 8 08:55:14 UTC 2015


> On 8 Oct 2015, at 10:46, Chris Hegarty <chris.hegarty at oracle.com> wrote:
>> It reads at most “seqlen" bytes, so the array may be larger than necessary, which might be ok depending on whether one can trust "seqlen”.
> 
> We do no trust ‘seqlen’. :-(
> 

Good!


>> The following pattern occurs a few times:
>> 
>> byte[] b = is.readAllBytes();
>> if (len !- -1 && b.length != len) throw new EOFException(…)
>> 
>> A further useful addition to consider would be an IS.readFulyl(int expectedLength).
> 
> Yes, I think a variant of readNBytes(long expectedLength),
> would  be a useful addition. I can file a bug and add it to
> the I/O grab bag, 6852033 [1]. Then a further round of
> cleanup could possibly remove IOUtils completely.
> 

Ok.

Paul.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.openjdk.java.net/pipermail/security-dev/attachments/20151008/77b01e39/signature.asc>


More information about the security-dev mailing list