Null-check-in-finally pattern in javax/security documentation
Sean Mullan
sean.mullan at oracle.com
Tue Jun 14 06:45:36 PDT 2011
I was thinking the same thing. I'll file a bug to have this fixed in JDK 8.
--Sean
On 06/14/2011 08:43 AM, Chris Hegarty wrote:
> In fact this looks like a good candidate for try-with-resources.
>
> -Chris.
>
> On 06/14/11 12:26 PM, Florian Weimer wrote:
>> It seems to me this incorrect advice should be removed from the
>> documentation, like this:
>>
>> diff -r 7a341c412ea9 -r 77b101812a2e
>> src/share/classes/java/security/KeyStore.java
>> --- a/src/share/classes/java/security/KeyStore.java Tue Jun 07
>> 14:01:12 2011 -0700
>> +++ b/src/share/classes/java/security/KeyStore.java Tue Jun 14
>> 13:16:19 2011 +0200
>> @@ -113,14 +113,11 @@
>> * // get user password and file input stream
>> * char[] password = getPassword();
>> *
>> - * java.io.FileInputStream fis = null;
>> + * java.io.FileInputStream fis = new
>> java.io.FileInputStream("keyStoreName");
>> * try {
>> - * fis = new java.io.FileInputStream("keyStoreName");
>> * ks.load(fis, password);
>> * } finally {
>> - * if (fis != null) {
>> - * fis.close();
>> - * }
>> + * fis.close();
>> * }
>> *</pre>
>> *
>> @@ -146,14 +143,11 @@
>> * ks.setEntry("secretKeyAlias", skEntry, protParam);
>> *
>> * // store away the keystore
>> - * java.io.FileOutputStream fos = null;
>> + * java.io.FileOutputStream fos = new
>> java.io.FileOutputStream("newKeyStoreName");
>> * try {
>> - * fos = new java.io.FileOutputStream("newKeyStoreName");
>> * ks.store(fos, password);
>> * } finally {
>> - * if (fos != null) {
>> - * fos.close();
>> - * }
>> + * fos.close();
>> * }
>> *</pre>
>> *
>> diff -r 7a341c412ea9 -r 77b101812a2e
>> src/share/classes/java/security/cert/X509CRL.java
>> --- a/src/share/classes/java/security/cert/X509CRL.java Tue Jun 07
>> 14:01:12 2011 -0700
>> +++ b/src/share/classes/java/security/cert/X509CRL.java Tue Jun 14
>> 13:16:19 2011 +0200
>> @@ -94,15 +94,12 @@
>> * CRLs are instantiated using a certificate factory. The following is an
>> * example of how to instantiate an X.509 CRL:
>> *<pre><code>
>> - * InputStream inStream = null;
>> + * InputStream inStream = new FileInputStream("fileName-of-crl");
>> * try {
>> - * inStream = new FileInputStream("fileName-of-crl");
>> * CertificateFactory cf = CertificateFactory.getInstance("X.509");
>> * X509CRL crl = (X509CRL)cf.generateCRL(inStream);
>> * } finally {
>> - * if (inStream != null) {
>> - * inStream.close();
>> - * }
>> + * inStream.close();
>> * }
>> *</code></pre>
>> *
>> diff -r 7a341c412ea9 -r 77b101812a2e
>> src/share/classes/java/security/cert/X509Certificate.java
>> --- a/src/share/classes/java/security/cert/X509Certificate.java Tue
>> Jun 07 14:01:12 2011 -0700
>> +++ b/src/share/classes/java/security/cert/X509Certificate.java Tue
>> Jun 14 13:16:19 2011 +0200
>> @@ -89,15 +89,12 @@
>> * Certificates are instantiated using a certificate factory. The
>> following is
>> * an example of how to instantiate an X.509 certificate:
>> *<pre>
>> - * InputStream inStream = null;
>> + * InputStream inStream = new FileInputStream("fileName-of-cert");
>> * try {
>> - * inStream = new FileInputStream("fileName-of-cert");
>> * CertificateFactory cf = CertificateFactory.getInstance("X.509");
>> * X509Certificate cert =
>> (X509Certificate)cf.generateCertificate(inStream);
>> * } finally {
>> - * if (inStream != null) {
>> - * inStream.close();
>> - * }
>> + * inStream.close();
>> * }
>> *</pre>
>> *
>>
>> There are also instances in actual code (in
>> javax/crypto/JceSecurity.java, for instance), but changing them is
>> probably not worth it.
>>
More information about the security-dev
mailing list