On Tue, 11 Mar 2025 21:08:42 GMT, Harshitha Onkar <hon...@openjdk.org> wrote:
>> Built-in Profiles are singleton objects and if the user happens to modify >> this shared profile object via setData() then the modified version of the >> profile is returned each time the same built-in profile is requested via >> getInstance(). >> >> It is good to protect Built-in profiles from such direct modification by >> adding BuiltIn profile check in `setData()` such that **only copies** of >> Built-In profiles are allowed to be updated. >> >> With the proposed fix, if Built-In profile is updated using `.setData()` it >> throws _**IAE - "BuiltIn profile cannot be modified"**_ >> >> There are no restrictions on creating copies of BuiltIn profile and then >> modifying it, but what is being restricted with this fix is - the direct >> modification of the shared BuiltIn profile instance. >> >> Applications which need a modified version of the ICC Profile should instead >> do the following: >> >> >> byte[] profileData = ICC_Profile.getData() // get the byte array >> representation of BuiltIn- profile >> ICCProfile newProfile = ICC_Profile.getInstance(profileData) // create a new >> profile >> newProfile.setData() // to modify and customize the profile >> >> >> Following existing tests are modified to update a copy of Built-In profile. >> >> - java/awt/color/ICC_Profile/SetHeaderInfo.java >> - java/awt/color/ICC_ProfileSetNullDataTest.java >> - sun/java2d/cmm/ProfileOp/SetDataTest.java > > Harshitha Onkar has updated the pull request incrementally with one > additional commit since the last revision: > > modifier order changed, added comment to BuiltInProfile src/java.desktop/share/classes/java/awt/color/ICC_Profile.java line 126: > 124: /* > 125: * Deferral is only used for standard profiles. Enabling the > appropriate > 126: * access privileges is handled at a lower level. I wonder if “Enabling the appropriate access privileges is handled at a lower level” is still relevant after `SecurityManager` was removed. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/23606#discussion_r1990133673
