8320971: Use BufferedInputStream.buf directly when param of implTransferTo() is trusted

Reviewed-by: alanb, bpb

src/java.base/share/classes/java/io/BufferedInputStream.java

@@ -643,9 +643,13 @@ public class BufferedInputStream extends FilterInputStream {
         if (getClass() == BufferedInputStream.class && markpos == -1) {
             int avail = count - pos;
             if (avail > 0) {
-                // Prevent poisoning and leaking of buf
-                byte[] buffer = Arrays.copyOfRange(getBufIfOpen(), pos, count);
-                out.write(buffer);
+                if (isTrusted(out)) {
+                    out.write(getBufIfOpen(), pos, count);
+                } else {
+                    // Prevent poisoning and leaking of buf
+                    byte[] buffer = Arrays.copyOfRange(getBufIfOpen(), pos, count);
+                    out.write(buffer);
+                }
                 pos = count;
             }
             try {
@@ -658,4 +662,22 @@ public class BufferedInputStream extends FilterInputStream {
         }
     }
 
+    /**
+     * Returns true if this class satisfies the following conditions:
+     * <ul>
+     * <li>does not retain a reference to the {@code byte[]}</li>
+     * <li>does not leak a reference to the {@code byte[]} to non-trusted classes</li>
+     * <li>does not modify the contents of the {@code byte[]}</li>
+     * <li>{@code write()} method does not read the contents outside of the offset/length bounds</li>
+     * </ul>
+     *
+     * @return true if this class is trusted
+     */
+    private static boolean isTrusted(OutputStream os) {
+        var clazz = os.getClass();
+        return clazz == ByteArrayOutputStream.class
+                || clazz == FileOutputStream.class
+                || clazz == PipedOutputStream.class;
+    }
+
 }