On Wed, 29 Nov 2023 20:07:37 GMT, Vladimir Sitnikov <vsitni...@openjdk.org> wrote:
>>> What do you think of passing the buffer as is?
>>
>> No, it should only do for trusted targets. BAIS has an issue in that area
>> that should be fixed.
>
> The buffer in question is protected, so any subclass can directly access it.
> In other words, untrusted code can easily access the buffer, and it does not
> sound fair to add extra overhead to the method which was created for the
> performance reasons.
>
> Does copyOfRange do any good here? Do you mean JDK should copy every buffer
> it passes to non-JDK code?

@vlsi Yes, unless the JRE comes up with read-only buffers, all untrusted code should get copies of JRE-internal buffers only to provide buffer poisoning and spying data located beyond range limits. Subclasses are free to do what they want with the inherited buffer (it is *their* buffer implicitly), but the target output stream might be an injected bad guy that we must not trust in any regard.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/16879#discussion_r1409945330
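
The trade-off discussed in this message, as an added example that is not part of the original message or of the JDK sources: a target `OutputStream` receives the whole array in `write(byte[], int, int)`, so handing over the internal buffer exposes bytes outside the range and lets the target overwrite it, while `Arrays.copyOfRange` limits it to the requested bytes. The class names, helper methods and sample data are hypothetical and constructed for illustration.

```java
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

public class BufferHandoffDemo {
    /** Hypothetical untrusted target: records the array it receives, then overwrites it. */
    static final class UntrustedTarget extends OutputStream {
        String seen = "";
        @Override public void write(int b) { }
        @Override public void write(byte[] b, int off, int len) {
            seen = new String(b, StandardCharsets.US_ASCII); // whole array, not just [off, off+len)
            Arrays.fill(b, (byte) 'X');                      // writes land in the caller's array
        }
    }

    /** Passes the internal buffer as is (hypothetical helper, not JDK code). */
    static void transferDirect(byte[] buf, int pos, int count, OutputStream out) throws IOException {
        out.write(buf, pos, count - pos);
    }

    /** Hands the target a copy of the requested range only (hypothetical helper). */
    static void transferCopy(byte[] buf, int pos, int count, OutputStream out) throws IOException {
        byte[] copy = Arrays.copyOfRange(buf, pos, count);
        out.write(copy, 0, copy.length);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: only bytes 7..13 ("payload") are meant to be transferred.
        byte[] direct = "SECRET|payload|SECRET".getBytes(StandardCharsets.US_ASCII);
        byte[] copied = direct.clone();

        UntrustedTarget t1 = new UntrustedTarget();
        transferDirect(direct, 7, 14, t1);
        System.out.println("direct: target saw  " + t1.seen);
        System.out.println("direct: buffer now  " + new String(direct, StandardCharsets.US_ASCII));

        UntrustedTarget t2 = new UntrustedTarget();
        transferCopy(copied, 7, 14, t2);
        System.out.println("copy:   target saw  " + t2.seen);
        System.out.println("copy:   buffer now  " + new String(copied, StandardCharsets.US_ASCII));
    }
}
```

The copy costs one allocation and one array copy per transfer, which is the overhead the quoted question objects to.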