RFR - 8028627: Unsynchronized code path from javax.crypto.Cipher to the WeakHashMap used by JceSecurity to store codebase mappings
Sean Mullan
sean.mullan at oracle.com
Fri May 16 16:52:14 UTC 2014
Looks ok to me. While you are in there, can you fix the typo a couple
lines above that:
s/Retuns/Returns
You also need to add an appropriate "noreg" label to the bug.
--Sean
On 05/16/2014 10:29 AM, Rob McKenna wrote:
> Hi folks,
>
> The synopsis says it all really. There is an unsynchronized code path
> from javax.crypto.Cipher to the WeakHashMap used by JceSecurity to store
> codebase mappings. While this bug is extremely unlikely to manifest we
> have a couple of reports of it in the wild.
>
> As you can see from the following webrev I'm simply syncing on the
> WeakHashMap.
>
> http://cr.openjdk.java.net/~robm/8028627/webrev.01/
>
> -Rob
>
More information about the security-dev
mailing list