On Fri, 6 Mar 2026 18:19:22 GMT, Phil Race <[email protected]> wrote:
>> This fix updates DataBuffer subclasses to actually adhere to their stated
>> specifications by rejecting certain invalid parameters for constructors and
>> getters and setters.
>> A new egression test for each of the constructor and getter/setter cases is
>> supplied.
>>
>> No existing regression tests fail with this change, and standard demos work.
>>
>> Problems caused by these changes are most likely to occur if the client has
>> a bug such that
>> - a client uses the constructors that accept an array and then supplies a
>> "size" that is greater than the array.
>> - a client uses the constructors that accept an array and then supplies a
>> "size" that is less than the array and then uses getter/setters that are
>> within the array but outside the range specified by size.
>>
>> Since very few clients (and just one case in the JDK that I found) even use
>> these array constructors the changes are unlikely to make a difference to
>> clients.
>>
>> The CSR is ready for review https://bugs.openjdk.org/browse/JDK-8378116
>
> Phil Race has updated the pull request incrementally with one additional
> commit since the last revision:
>
> DataBuffer.java
src/java.desktop/share/classes/java/awt/image/DataBuffer.java line 592:
> 590:
> 591: private static boolean checkSizeAndOffset(int size, int offset, int
> arrayLen) {
> 592: return
So all the constructor checks for arrays and offsets and size end up here, so
we have the exact same logic in all cases. There are 4 checks.
1 - probably not actually necessary but for completeness here, ensure size is
+ve.
2 - ensure that if offset is negative that size is at least large enough that
some part of the array can be accessed, otherwise it is pointless.
3 - ensure that the array is large enough
4 - ensure that offset+size does not overflow.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/29766#discussion_r2897189267
