RFR: 8289389: Fix warnings: type should also implement hashCode() since it overrides Object.equals() [v5]
Andy Goryachev
angorya at openjdk.org
Fri Jul 22 18:07:15 UTC 2022
On Fri, 22 Jul 2022 17:39:00 GMT, Kevin Rushforth <kcr at openjdk.org> wrote:
> The changes look good.
>
> I note that by initializing the hash to `CLASSNAME.class.hashCode()`, instead of a constant, the hash code produced will not be predictable or stable across different invocations of the JVM. This is entirely permissible by the spec of `Object.hashCode()`, so it is just a (somewhat) interesting note.
I'd say this *is* a desired outcome.
There is a group of vulnerabilities caused by predictive nature of hashCode, for example, a DOS attack which places large number of objects into the same hashtable bin, see
https://stackoverflow.com/questions/8669946/application-vulnerability-due-to-non-random-hash-functions
I know this has no impact on this PR, just wanted to add add to your interesting note, Kevin.
-------------
PR: https://git.openjdk.org/jfx/pull/821
More information about the openjfx-dev
mailing list