On Thu, 1 May 2025 05:33:29 GMT, Volkan Yazici <vyaz...@openjdk.org> wrote:

> Document preconditions on certain `JavaLangAccess` methods that use 
> operations either unsafe and/or without range checks.

src/java.base/share/classes/jdk/internal/access/JavaLangAccess.java line 315:

> 313:      * <b>WARNING: The caller of this method shall relinquish and transfer the
> 314:      * ownership of the byte array to the callee</b>, since the later will not
> 315:      * make a copy.

I think we should add a note on why no copy is made - there may be multiple 
reads to the input array for decoding, so the input array must not be 
accessible by untrusted code, which can racily modify it. A side effect is that 
this array is simply reused if it's eligible to be the string content array, 
which is unfortunately abused in a few places in the JDK.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/24982#discussion_r2070244058
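
The hazard raised in the review comment above, as an added example that is not part of the original message and is not JDK code: a decoder that reads its input array twice can have its validation invalidated by a writer that still holds the array. The class, both method names and the `betweenPasses` hook are hypothetical; the hook stands in for a racing thread so the outcome is deterministic.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;

class SharedArrayDecode {
    // Hypothetical two-pass decoder. Pass 1 checks that every byte is ASCII,
    // pass 2 builds the chars and relies on what pass 1 saw.
    // betweenPasses models a concurrent writer that kept a reference to `in`.
    static String decodeAscii(byte[] in, Runnable betweenPasses) {
        for (byte b : in) {                        // read 1: validate
            if (b < 0) {
                throw new IllegalArgumentException("non-ASCII input");
            }
        }
        betweenPasses.run();                       // window between the two reads
        char[] out = new char[in.length];
        for (int i = 0; i < in.length; i++) {      // read 2: no re-validation
            out[i] = (char) in[i];
        }
        return new String(out);
    }

    // Caller keeps ownership of `in`: the decoder works on a private snapshot,
    // so later writes to the caller's array cannot reach either pass.
    static String decodeWithCopy(byte[] in, Runnable betweenPasses) {
        return decodeAscii(Arrays.copyOf(in, in.length), betweenPasses);
    }

    public static void main(String[] args) {
        // Constructed input: two ASCII bytes that pass validation.
        byte[] a = "ok".getBytes(StandardCharsets.US_ASCII);
        // The writer flips the first byte to 0x80 after validation has passed.
        String noCopy = decodeAscii(a, () -> a[0] = (byte) 0x80);
        // The sign-extended byte becomes U+FF80, which the ASCII check
        // was supposed to rule out.
        System.out.println("no copy:   first char = U+"
                + Integer.toHexString(noCopy.charAt(0)).toUpperCase());

        byte[] b = "ok".getBytes(StandardCharsets.US_ASCII);
        String copied = decodeWithCopy(b, () -> b[0] = (byte) 0x80);
        // The snapshot is unaffected by the write to b.
        System.out.println("with copy: " + copied);
    }
}
```

A no-copy method avoids the cost of `Arrays.copyOf` only if the caller honours the documented precondition and drops every reference to the array it hands over.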
