8010309 : PlatformLogger: isLoggable performance / waste due to HashMap<Integer, Level> leads to Integer allocations (boxing)
Peter Levart
peter.levart at gmail.com
Thu Mar 28 10:09:45 UTC 2013
On 03/28/2013 10:19 AM, Laurent Bourgès wrote:
>
>> the following method in JavaLoggerProxy also caught my eye:
>>
>> void doLog(Level level, String msg, Object... params) {
>> if (!isLoggable(level)) {
>> return;
>> }
>> // only pass String objects to the j.u.l.Logger which may
>> // be created by untrusted code
>> int len = (params != null) ? params.length : 0;
>> Object[] sparams = new String[len];
>> for (int i = 0; i < len; i++) {
>> sparams [i] = String.valueOf(params[i]);
>> }
>> LoggingSupport.log(javaLogger, level.javaLevel, msg,
>> sparams);
>> }
>>
>> I think this could be improved if the
>> DefaultLoggerProxy.formatMessage() is used instead of turning
>> each parameter into a String. The method could be moved up to
>> abstract LoggerProxy and used in both implementations so that
>> common formatting is applied regardless of back-end used.
>>
>
> Let's do this in a separate clean up as it's better to keep
> 8010309 focus on performance improvement (although we have mixed
> this bag with some renaming).
>
>
> I disagree Peter: JUL has its own formatting code: patterns ... and
> more efficient than DefaultLoggerProxy.formatMessage().
>
> The good question relies in the comment: why convert object args into
> String early as JUL can do formatting / conversion?
> What does mean:
> // only pass String objects to the j.u.l.Logger which may
> // be created by untrusted code
> ?
> to avoid security issues ?
I think so. j.u.logging has a pluggable API and a reference to a
security-sensitive information could get passed to untrusted code via a
carelessly written logging statement. The fact that PlatformLogger is
platform-internal API might give an impression that it is secure. So it
should be.
I don't know how this formatting actually works in current
implementation of PlatformLogger delegating to j.u.l.Logger and
pre-converting the arguments into strings. Isn't formatting in
j.u.logging type sensitive?
Regards, Peter
>
> Laurent
More information about the core-libs-dev
mailing list