Null-check-in-finally pattern in javax/security documentation

Chris Hegarty chris.hegarty at oracle.com
Tue Jun 14 05:43:32 PDT 2011


In fact this looks like a good candidate for try-with-resources.

-Chris.

On 06/14/11 12:26 PM, Florian Weimer wrote:
> It seems to me this incorrect advice should be removed from the
> documentation, like this:
>
> diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/KeyStore.java
> --- a/src/share/classes/java/security/KeyStore.java	Tue Jun 07 14:01:12 2011 -0700
> +++ b/src/share/classes/java/security/KeyStore.java	Tue Jun 14 13:16:19 2011 +0200
> @@ -113,14 +113,11 @@
>    *    // get user password and file input stream
>    *    char[] password = getPassword();
>    *
> - *    java.io.FileInputStream fis = null;
> + *    java.io.FileInputStream fis = new java.io.FileInputStream("keyStoreName");
>    *    try {
> - *        fis = new java.io.FileInputStream("keyStoreName");
>    *        ks.load(fis, password);
>    *    } finally {
> - *        if (fis != null) {
> - *            fis.close();
> - *        }
> + *        fis.close();
>    *    }
>    *</pre>
>    *
> @@ -146,14 +143,11 @@
>    *    ks.setEntry("secretKeyAlias", skEntry, protParam);
>    *
>    *    // store away the keystore
> - *    java.io.FileOutputStream fos = null;
> + *    java.io.FileOutputStream fos = new java.io.FileOutputStream("newKeyStoreName");
>    *    try {
> - *        fos = new java.io.FileOutputStream("newKeyStoreName");
>    *        ks.store(fos, password);
>    *    } finally {
> - *        if (fos != null) {
> - *            fos.close();
> - *        }
> + *        fos.close();
>    *    }
>    *</pre>
>    *
> diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/cert/X509CRL.java
> --- a/src/share/classes/java/security/cert/X509CRL.java	Tue Jun 07 14:01:12 2011 -0700
> +++ b/src/share/classes/java/security/cert/X509CRL.java	Tue Jun 14 13:16:19 2011 +0200
> @@ -94,15 +94,12 @@
>    * CRLs are instantiated using a certificate factory. The following is an
>    * example of how to instantiate an X.509 CRL:
>    *<pre><code>
> - * InputStream inStream = null;
> + * InputStream inStream = new FileInputStream("fileName-of-crl");
>    * try {
> - *     inStream = new FileInputStream("fileName-of-crl");
>    *     CertificateFactory cf = CertificateFactory.getInstance("X.509");
>    *     X509CRL crl = (X509CRL)cf.generateCRL(inStream);
>    * } finally {
> - *     if (inStream != null) {
> - *         inStream.close();
> - *     }
> + *     inStream.close();
>    * }
>    *</code></pre>
>    *
> diff -r 7a341c412ea9 -r 77b101812a2e src/share/classes/java/security/cert/X509Certificate.java
> --- a/src/share/classes/java/security/cert/X509Certificate.java	Tue Jun 07 14:01:12 2011 -0700
> +++ b/src/share/classes/java/security/cert/X509Certificate.java	Tue Jun 14 13:16:19 2011 +0200
> @@ -89,15 +89,12 @@
>    * Certificates are instantiated using a certificate factory. The following is
>    * an example of how to instantiate an X.509 certificate:
>    *<pre>
> - * InputStream inStream = null;
> + * InputStream inStream = new FileInputStream("fileName-of-cert");
>    * try {
> - *     inStream = new FileInputStream("fileName-of-cert");
>    *     CertificateFactory cf = CertificateFactory.getInstance("X.509");
>    *     X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream);
>    * } finally {
> - *     if (inStream != null) {
> - *         inStream.close();
> - *     }
> + *     inStream.close();
>    * }
>    *</pre>
>    *
>
> There are also instances in actual code (in
> javax/crypto/JceSecurity.java, for instance), but changing them is
> probably not worth it.
>



More information about the security-dev mailing list