RFR: 8080272 Refactor I/O stream copying to use InputStream.transferTo/readAllBytes and Files.copy [v9]
Andrey Turbanov
github.com+741251+turbanoff at openjdk.java.net
Tue Feb 16 18:44:42 UTC 2021
On Mon, 8 Feb 2021 21:18:44 GMT, Philippe Marschall <github.com+471021+marschall at openjdk.org> wrote:
>> Andrey Turbanov has updated the pull request incrementally with one additional commit since the last revision:
>>
>> 8080272: Refactor I/O stream copying to use java.io.InputStream.transferTo
>> fix review comments
>
> src/java.base/share/classes/sun/security/provider/certpath/X509CertPath.java line 230:
>
>> 228: // Copy the entire input stream into an InputStream that does
>> 229: // support mark
>> 230: is = new ByteArrayInputStream(is.readAllBytes());
>
> I don't understand why the check for #markSupported is done there. The InputStream constructor of PKCS7 creates a DataInputStream on the InputStream only to then call #readFully. I can't find a place where a call to #mark happens. Since the InputStream constructor reads all bytes anyway I wonder whether we could remove this if and unconditionally do:
>
> PKCS7 pkcs7 = new PKCS7(is.readAllBytes());
Good idea. Will improve.
By the way, code in `sun.security.pkcs.PKCS7#PKCS7(java.io.InputStream)` looks suspicious: it reads only `InputStream.available()` bytes, which doesn't make much sense to me.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1853
More information about the security-dev
mailing list