On Thu, 14 Apr 2022 15:33:40 GMT, Roger Riggs <rri...@openjdk.org> wrote:
> > Why as it already be a unacceptable option for security reason? > > A shared (static) buffer would be visible to application controlled > subclasses when the `read(buffer, 0, len)` method is called. The subclass > could examine the buffer and see data read from another stream or thread. The > JDK takes care not to allow this kind of exposure. Yes and this is why I don't want to waste time on a static buffer test. ------------- PR: https://git.openjdk.java.net/jdk/pull/5872
