RFR [9] 8138978: Examine usages of sun.misc.IOUtils
Sean Mullan
sean.mullan at oracle.com
Thu Oct 8 12:34:00 UTC 2015
Looks fine to me, though I have one question below.
On 10/7/15 2:19 PM, Chris Hegarty wrote:
> This primary motivation behind this bug [1] is the clearing out of
> sun.misc, in preparation for JEP 260 [2].
>
> sun.misc.IOUtils is a JDK internal convenience utility class that
> provides a single method that offers bulk blocking InputStream read
> semantics. In 9, java.io.InputStream has been retrofitted with two
> methods that provide similar, but not quite the same, functionality,
> readNBytes and readAllBytes, see JDK-8080835 [3].
>
> There are a number of places where IOUtils can be replaced with the
> appropriate supported API, readNBytes or readAllBytes.
>
> There are a number of places, mainly in the security implementation,
> that required to read a specific number of bytes ( not to end of
> stream ), where it is preferable to not preallocate the byte[] and
> allow it to "grow" lazily, to be defensive against protocol errors.
> These cases cannot use read[N|All]Bytes, so it makes sense to retain
> IOUtils but locate it in a package, sun.security.util, that makes it
> clear who its primary consumer is.
Would it make sense to add a method to InputStream that provides that
functionality the security classes need?
--Sean
>
> http://cr.openjdk.java.net/~chegar/8138978/webrev.00/jdk/
> http://cr.openjdk.java.net/~chegar/8138978/webrev.00/hotspot/
>
> -Chris.
>
> [1] https://bugs.openjdk.java.net/browse/JDK-8138978
> [2] https://bugs.openjdk.java.net/browse/JDK-8132928
> [3] https://bugs.openjdk.java.net/browse/JDK-8080835
>
More information about the security-dev
mailing list