RFR: 8207775: Better management of CipherCore buffers
Anthony Scarpino
anthony.scarpino at oracle.com
Fri Jul 27 20:02:43 UTC 2018
If we are going to add more, here are two more ton consider:
- It looks like there is another Arrays.copyOf() on doFinal() line 851
- doFinal() at line 897 there might be something that should be done
with 'buffer'. In particular as a result of line 963's arraycopy().
Tony
On 07/27/2018 08:29 AM, Seán Coffey wrote:
> Thanks Tony. If it's alright with you, I'd like to make one more edit
> for this change.
>
> http://cr.openjdk.java.net/~coffeys/webrev.8207775.v2/webrev/
>
> There's a condition where we can null out an array early if we're
> returning a copy. See lines 671-683
>
> Regards,
> Sean.
>
> On 26/07/18 17:42, Anthony Scarpino wrote:
>> On 07/26/2018 07:36 AM, Seán Coffey wrote:
>>> https://bugs.openjdk.java.net/browse/JDK-8207775
>>>
>>> Simple enough fix to null out some internal buffers once they're no
>>> longer required.
>>>
>>> webrev : http://cr.openjdk.java.net/~coffeys/webrev.8207775/webrev/
>>>
>>> regards,
>>> Sean.
>>>
>>
>> that looks fine..
>>
>> Tony
>
More information about the security-dev
mailing list