Webrev request: JDK-8015081
Jamil Nimeh
jamil.j.nimeh at oracle.com
Wed Jun 4 23:29:50 UTC 2014
Hello all,
This is an update to the webrev for JDK-8015081 that takes into account
review changes and adds a few more tests.
http://cr.openjdk.java.net/~ascarpino/8015081/webrev.03
<http://cr.openjdk.java.net/%7Eascarpino/8015081/webrev.03>
Thanks!
--Jamil
On 05/27/2014 05:53 PM, Jamil Nimeh wrote:
> Hello all,
>
> This bug was originally to resolve issues where Subject principal and
> credential Set fields containing null elements could cause
> NullPointerException to be thrown. It was decided to make the Subject
> throw NullPointerException when attempts to construct or modify
> Subjects will null elements. In addition, certain Set methods called
> upon principals and credentials where the input Collection contained
> null elements could have different effects depending on which set.
> These methods, when called with Collections containing null elements
> as input now throw NullPointerException as well.
>
> Operation Before After
> (Prin/Pub/Priv) (Prin/Pub/Priv) (Prin/Pub/Priv)
> ----------------------------------------------------------------------------
>
> add(null) SecurityException/true/true NPE/NPE/NPE
> remove(null) false/false/false (*) NPE/NPE/NPE
> contains(null) false/false/false (*) NPE/NPE/NPE
> addAll(collection w/ null) SecurityException/true/true NPE/NPE/NPE
> removeAll(collection w/ null) true/true/true (**) NPE/NPE/NPE
> containsAll(coll. w/ null) false/false/NPE NPE/NPE/NPE
> retainAll(collection w/ null) true/true/true (***) NPE/NPE/NPE
>
> * - Assumes Subject has no null values in its private SecureSet
> collections
> ** - Assumes input collection has at least one non-null element that
> exists in the target SecureSet
> *** - Assumes input collection is not equivalent to or a superset of
> the target SecureSet (which would cause no change)
>
> Bug: https://bugs.openjdk.java.net/browse/JDK-8015081
> Webrev: http://cr.openjdk.java.net/~ascarpino/8015081/webrev.02
>
> Thanks,
> --Jamil
More information about the security-dev
mailing list