dcsimg
 

Submitted by: Octavia Anghel(octaviaanghel@gmail.com)

Wednesday Aug 8th 2018 by Octavia Anghel

Language: Java, Expertise: Beginner - Learn why bulk data must never be handled with byte arrays.

Byte[] pdf = toPdf(file);

Here, a method creates a PDF file from some input and returns the binary PDF data as a byte array. This code expects that the generated file is small enough to adjust into the available heap memory.

If this code can not make this 100% sure, then it is vulnerable to an out of memory condition. Moreover, if this code is running server-side, which usually means numerous parallel threads — bulk data must never be handled with byte arrays. Streams should be used and the data should be spooled to disk or a database.

File pdf = to Pdf(file);

A similar anti-pattern is to buffer streaming input from an "untrusted" source, such as buffering data that arrives on a network socket. If the application doesn't know how much data will arrive, it must make sure that it keeps an eye on the amount of the data. If the volume of buffered data exceeds limits, an error condition (exception) should be signaled to the caller.

Home
Mobile Site | Full Site
Copyright 2018 © QuinStreet Inc. All Rights Reserved