[jdk17u-dev] RFR: 8302111: Serialization considerations [v3]
Goetz Lindenmaier
goetz at openjdk.org
Thu Feb 20 16:22:15 UTC 2025
On Thu, 20 Feb 2025 15:44:50 GMT, Richard Reingruber <rrich at openjdk.org> wrote:
>> Goetz Lindenmaier has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Catch exception as proposed in review
>
> src/java.base/share/classes/com/sun/crypto/provider/DHPublicKey.java line 188:
>
>> 186: derKey = null;
>> 187: }
>> 188: return derKey.toByteArray();
>
> This looks weired if someone has a quick look at these lines of code: if an IOE occurs and is caught here, then `derKey` will be assigned null and 2 lines below an NPE will thrown because of this.
>
> I'd suggest to wrap the whole method body in a try-catch. This would reduce the diff to jdk 21.
> In the IOE catch clause you shouldn't say that the IOE is ignored but you should state that it cannot even occur since `DerOutputStream` is a `ByteArrayOutputStream` which doesn't do any I/O. Then just return null or throw an `InternalError` are something else if more appropriate.
ok, this makes sense. See extra commit. I did it for all three places where I catch the IO exception.
-------------
PR Review Comment: https://git.openjdk.org/jdk17u-dev/pull/3278#discussion_r1963918296
More information about the jdk-updates-dev
mailing list