RFR 8158589: Possible integer overflow issues for DRBG

Wang Weijun weijun.wang at oracle.com
Fri Jun 17 12:51:03 UTC 2016


> On Jun 17, 2016, at 7:45 PM, Sean Mullan <sean.mullan at oracle.com> wrote:
> 
> On 06/16/2016 10:50 PM, Wang Weijun wrote:
>> 
>>> On Jun 17, 2016, at 10:31 AM, Xuelei Fan <xuelei.fan at oracle.com> wrote:
>>> 
>>> What did you mean "can a long field be a safe volatile?"
>> 
>> A long value cannot be updated atomically, and I am afraid that another thread might only see half bits updated and the other half not.
> 
> Have you considered using java.util.concurrent.atomic.AtomicLong?

I don't think it's worth using an AtomicLong. Wherever reseedCounter is accessed, it is already inside a synchronized block. The only reason I choose a volatile integer is that I can use it with the double checked locking technique.

--Max

> 
> --Sean


More information about the security-dev mailing list