On Sun, 23 Oct 2022 06:21:02 GMT, Alan Bateman <al...@openjdk.org> wrote:
> It helps a bit but it still leaks the bytes in 0 to pos, and count > buf.length. I think we have to assume that Dr. Evil's output stream will > throw an exception so the code to replace the buffer won't run. This means > replaces buf before handing out the original buffer. The transferTo method > transfers all bytes to EOF so you may be able to get away with just > allocating a 0 or tiny buffer, it can grow if needed with subsequent reads or > transfers. Silly me, you are certainly right! I have modified the code as you proposed, so now we should be safe, finally. :-) ------------- PR: https://git.openjdk.org/jdk/pull/10525
