[PATCH] CipherStream produces new byte array on every update or doFinal operation

[Florian Weimer]

On 02/17/2015 01:53 PM, Dai Nakanishi wrote:
> +        } catch (ShortBufferException e) {
> +            obuffer = null;
> +            throw new IOException(e);
>          }

This doesn't look right to me.  You need to enlarge the buffer and retry.

If you really want to avoid allocations, you should use the destination
buffer passed to the read() function if the slice end is equal to the
array end.  I expect that this is the usual case.

By the way, I think such review requests should be sent to security-dev,
not core-libs-dev.

-- 
Florian Weimer / Red Hat Product Security