On Fri, 27 May 2022 14:38:27 GMT, Claes Redestad <redes...@openjdk.org> wrote:

>> src/java.base/share/classes/java/lang/invoke/MethodHandles.java line 5266:
>> 
>>> 5264:      */
>>> 5265:     public static MethodHandle dropArguments(MethodHandle target, int 
>>> pos, List<Class<?>> valueTypes) {
>>> 5266:         return dropArguments(target, pos, valueTypes.toArray(new 
>>> Class<?>[0]).clone(), true);
>> 
>> Isn't this call to `clone()` unnecessary, as `valueTypes.toArray` should 
>> either return the passed empty array, or a newly created array?
>
> It might be a bit too paranoid in this instance (since we don't keep the 
> array around for long), but not cloning the result of calling `toArray` on an 
> arbitrary and possibly adversarial `List` could open up for TOCTOU race bugs / 
> attacks. The existing code was being paranoid and copying and I don't want to 
> weaken something that could have security implications without double- and 
> triple-checking that it's safe to do so.

You can probably call the `dropArguments` with `false` for `trusted` instead.

-------------

PR: https://git.openjdk.java.net/jdk/pull/8923
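
The concern in the quoted reply, shown as an added example that is not code from the PR or the JDK: a `List` whose `toArray` keeps a reference to the array it returns can change that array after the caller has validated it, and `clone()` closes that window. `RetainingList`, `checkThenUse` and the `void.class` check are hypothetical stand-ins, and the `Runnable` models a second thread running between check and use.

```java
import java.util.AbstractList;

public class ToArrayCloneDemo {
    // Hypothetical hostile List: remembers the array it hands out from toArray.
    static final class RetainingList extends AbstractList<Class<?>> {
        Class<?>[] leaked;
        @Override public Class<?> get(int i) { return int.class; }
        @Override public int size() { return 1; }
        @SuppressWarnings("unchecked")
        @Override public <T> T[] toArray(T[] a) {
            // Ignores the contract: returns an array the list still holds.
            leaked = new Class<?>[] { int.class };
            return (T[]) (Object) leaked;
        }
    }

    // Stand-in consumer (assumption, not JDK code): validate, then use.
    // Returns true if what was validated is still what gets used.
    static boolean checkThenUse(Class<?>[] types, Runnable betweenCheckAndUse) {
        for (Class<?> t : types) {
            if (t == void.class) throw new IllegalArgumentException("void parameter");
        }
        betweenCheckAndUse.run(); // the time-of-check to time-of-use window
        for (Class<?> t : types) {
            if (t == void.class) return false; // validated state no longer holds
        }
        return true;
    }

    static boolean run(boolean defensiveCopy) {
        RetainingList list = new RetainingList();
        Class<?>[] types = list.toArray(new Class<?>[0]);
        if (defensiveCopy) {
            types = types.clone(); // private copy the list cannot reach
        }
        // The list's owner rewrites the array it retained.
        return checkThenUse(types, () -> list.leaked[0] = void.class);
    }

    public static void main(String[] args) {
        System.out.println("no clone, validated state preserved: " + run(false));
        System.out.println("clone,    validated state preserved: " + run(true));
    }
}
```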
