On Mon, 8 Jul 2024 15:55:29 GMT, Andy Goryachev <ango...@openjdk.org> wrote:
>> The parameter "offset" is not validated in the 2 native methods getRGBImpl()
>> and setRGBImpl() of com.sun.pisces.AbstractSurface (in JAbstractSurface.c).
>> The PR adds the "offset < 0" check to both the methods.
>
> modules/javafx.graphics/src/main/native-prism-sw/JAbstractSurface.c line 88:
>
>> 86: width < 0 || width > (surfaceWidth - x) ||
>> 87: height < 0 || height > (surfaceHeight - y) ||
>> 88: scanLength < width || offset < 0) {
>
> this might be a naive question: would it make more sense to fail earlier,
> i.e. to test the offset before getting the surface pointer?
No, that would be a larger change and out of scope. More importantly, the order
of the checks doesn't matter.
-------------
PR Review Comment: https://git.openjdk.org/jfx/pull/1497#discussion_r1668922585
