ppkarwasz commented on code in PR #776:
URL: https://github.com/apache/commons-io/pull/776#discussion_r2325251002
##########
src/main/java/org/apache/commons/io/IOUtils.java:
##########
@@ -2697,6 +2724,62 @@ public static byte[] toByteArray(final InputStream
input, final long size) throw
return toByteArray(input, (int) size);
}
+ /**
+ * Reads exactly {@code size} bytes from the given {@link InputStream}
into a new {@code byte[]}.
+ *
+ * <p>
+ * This variant validates that the stream actually contains {@code size}
bytes.
+ * It is suitable for untrusted input because it prevents oversized
allocations when the provided {@code size}
Review Comment:
Removed in
https://github.com/apache/commons-io/pull/776/commits/7362d3e34801662b029ea6ef4e005dfb1194c57b
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
