On Mon, 30 Oct 2023 11:22:52 GMT, Nir Lisker <nlis...@openjdk.org> wrote:
>> In SW pipeline path of Box/Gaussian Blur/Shadow effects we are not checking
>> for range when we read data from the source/destination buffers in native
>> code.
>>
>> We need to add appropriate range checks in native JNI code also apart from
>> range checks in Java side to make sure that wherever these JNI methods are
>> used we are not performing out of bounds access.
>
> modules/javafx.graphics/src/main/native-decora/SSELinearConvolveShadowPeer.cc
> line 133:
>
>> 131: dstrows > srcrows) { // We should not move out of source
>> vertical bounds
>> 132: return;
>> 133: }
>
> Instead of copy-pasting the same checks in all the missing places, isn't it
> better to create a check method (say in `SSEUtils`) and call if from all the
> places? Like in the style of `java.util.Objects::checkRange`.
If the checks are identical, that could be a useful change.
-------------
PR Review Comment: https://git.openjdk.org/jfx/pull/1272#discussion_r1376396004
