The get and put family of functions on MessageBuffer use unsafe memory accesses and are missing bounds checks. They can thus can read and write out of bounds.
E.g. in the following example getInt either causes a segfault or returns an undefined value:
val unpacker = MessagePack.newDefaultUnpacker(ByteArray(0))
val buffer = unpacker.readPayloadAsReference(0)
val value = buffer.getInt(9000000)
println("Value: $value")Since this unsafety is exposed publicly and is not documented, it can be quite dangerous.
If the ability to skip the bounds check is an intended feature, then I'd suggest to name the methods accordingly (e.g. giving them an "unsafe" prefix). Having a set of functions that does bounds checking by default probably does not hurt either.
The
getandputfamily of functions onMessageBufferuse unsafe memory accesses and are missing bounds checks. They can thus can read and write out of bounds.E.g. in the following example
getInteither causes a segfault or returns an undefined value:Since this unsafety is exposed publicly and is not documented, it can be quite dangerous.
If the ability to skip the bounds check is an intended feature, then I'd suggest to name the methods accordingly (e.g. giving them an "unsafe" prefix). Having a set of functions that does bounds checking by default probably does not hurt either.