On 10.02.2016 17:07, Chris Hegarty wrote:
> Thanks Aleksey, your proposal is better. So the complete change is:
>
> diff --git a/src/java.base/share/classes/java/io/ObjectInputStream.java
> b/src/java.base/share/classes/java/io/ObjectInputStream.java
> --- a/src/java.base/share/classes/java/io/ObjectInputStream.java
> +++ b/src/java.base/share/classes/java/io/ObjectInputStream.java
> @@ -3144,7 +3144,12 @@
> * utflen bytes.
> */
> private String readUTFBody(long utflen) throws IOException {
> - StringBuilder sbuf = new StringBuilder();
> + if (utflen < 0 || utflen > Integer.MAX_VALUE)
> + return "";
> +
> + // a reasonable initial capacity based on the UTF length
> + int initialCapacity = Math.min((int)utflen, 16384);
> + StringBuilder sbuf = new StringBuilder(initialCapacity);
> if (!blkmode) {
> end = pos = 0;
> }
+1
-Aleksey
