1 // Protocol Buffers - Google's data interchange format 2 // Copyright 2008 Google Inc. All rights reserved. 3 // https://developers.google.com/protocol-buffers/ 4 // 5 // Redistribution and use in source and binary forms, with or without 6 // modification, are permitted provided that the following conditions are 7 // met: 8 // 9 // * Redistributions of source code must retain the above copyright 10 // notice, this list of conditions and the following disclaimer. 11 // * Redistributions in binary form must reproduce the above 12 // copyright notice, this list of conditions and the following disclaimer 13 // in the documentation and/or other materials provided with the 14 // distribution. 15 // * Neither the name of Google Inc. nor the names of its 16 // contributors may be used to endorse or promote products derived from 17 // this software without specific prior written permission. 18 // 19 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 21 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 22 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 23 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 24 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 25 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 26 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 27 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 28 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 29 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 31 package com.google.protobuf; 32 33 import java.io.IOException; 34 import java.nio.ByteBuffer; 35 36 /** 37 * Provides a number of unsafe byte operations to be used by advanced applications with high 38 * performance requirements. These methods are referred to as "unsafe" due to the fact that they 39 * potentially expose the backing buffer of a {@link ByteString} to the application. 40 * 41 * <p><strong>DISCLAIMER:</strong> The methods in this class should only be called if it is 42 * guaranteed that the buffer backing the {@link ByteString} will never change! Mutation of a {@link 43 * ByteString} can lead to unexpected and undesirable consequences in your application, and will 44 * likely be difficult to debug. Proceed with caution! 45 * 46 * <p>This can have a number of significant side affects that have spooky-action-at-a-distance-like 47 * behavior. In particular, if the bytes value changes out from under a Protocol Buffer: 48 * 49 * <ul> 50 * <li>serialization may throw 51 * <li>serialization may succeed but the wrong bytes may be written out 52 * <li>messages are no longer threadsafe 53 * <li>hashCode may be incorrect 54 * <ul> 55 * <li>can result in a permanent memory leak when used as a key in a long-lived HashMap 56 * <li>the semantics of many programs may be violated if this is the case 57 * </ul> 58 * </ul> 59 * 60 * Each of these issues will occur in parts of the code base that are entirely distinct from the 61 * parts of the code base modifying the buffer. In fact, both parts of the code base may be correct 62 * - it is the bridging with the unsafe operations that was in error! 63 */ 64 @ExperimentalApi 65 public final class UnsafeByteOperations { UnsafeByteOperations()66 private UnsafeByteOperations() {} 67 68 /** 69 * An unsafe operation that returns a {@link ByteString} that is backed by the provided buffer. 70 * 71 * @param buffer the buffer to be wrapped 72 * @return a {@link ByteString} backed by the provided buffer 73 */ unsafeWrap(byte[] buffer)74 public static ByteString unsafeWrap(byte[] buffer) { 75 return ByteString.wrap(buffer); 76 } 77 78 /** 79 * An unsafe operation that returns a {@link ByteString} that is backed by a subregion of the 80 * provided buffer. 81 * 82 * @param buffer the buffer to be wrapped 83 * @param offset the offset of the wrapped region 84 * @param length the number of bytes of the wrapped region 85 * @return a {@link ByteString} backed by the provided buffer 86 */ unsafeWrap(byte[] buffer, int offset, int length)87 public static ByteString unsafeWrap(byte[] buffer, int offset, int length) { 88 return ByteString.wrap(buffer, offset, length); 89 } 90 91 /** 92 * An unsafe operation that returns a {@link ByteString} that is backed by the provided buffer. 93 * 94 * @param buffer the Java NIO buffer to be wrapped 95 * @return a {@link ByteString} backed by the provided buffer 96 */ unsafeWrap(ByteBuffer buffer)97 public static ByteString unsafeWrap(ByteBuffer buffer) { 98 return ByteString.wrap(buffer); 99 } 100 101 /** 102 * Writes the given {@link ByteString} to the provided {@link ByteOutput}. Calling this method may 103 * result in multiple operations on the target {@link ByteOutput} (i.e. for roped {@link 104 * ByteString}s). 105 * 106 * <p>This method exposes the internal backing buffer(s) of the {@link ByteString} to the {@link 107 * ByteOutput} in order to avoid additional copying overhead. It would be possible for a malicious 108 * {@link ByteOutput} to corrupt the {@link ByteString}. Use with caution! 109 * 110 * <p>NOTE: The {@link ByteOutput} <strong>MUST NOT</strong> modify the provided buffers. Doing so 111 * may result in corrupted data, which would be difficult to debug. 112 * 113 * @param bytes the {@link ByteString} to be written 114 * @param output the output to receive the bytes 115 * @throws IOException if an I/O error occurs 116 */ unsafeWriteTo(ByteString bytes, ByteOutput output)117 public static void unsafeWriteTo(ByteString bytes, ByteOutput output) throws IOException { 118 bytes.writeTo(output); 119 } 120 121 } 122