RFR 8233884 : Avoid looking up standard charsets in security libraries
Seán Coffey
sean.coffey at oracle.com
Tue Nov 12 08:35:57 UTC 2019
On 11/11/2019 20:56, Ivan Gerasimov wrote:
> Thank you Seán for reviewing!
>
> On 11/11/19 7:56 AM, Seán Coffey wrote:
>> Nice work Ivan.
>>
>> I see you've some clean up done on exception handling also. I might
>> have a concern on this change in SSLLogger. You're catching
>> IOException now instead of Exception. Given that it's a logger and
>> the intent seems to be to ignore any type of exception - should we
>> leave what's there ?
>>
>>
> IOException seems to be the only type of Exception that may be thrown
> here (otherwise javac would have complained during a build), but I
> agree it can be left as it was before.
Sure - I'm thinking the original code was also protecting against
possible unchecked exceptions. (to what value is questionable!)
>
> Here's the updated webrev with this only change, comparing to the
> previous one:
>
> http://cr.openjdk.java.net/~igerasim/8233884/01/webrev/
thanks. Looks fine to me.
regards,
Sean.
>
> With kind regards,
> Ivan
>
>>
>> Everything else looked fine to me.
>>
>> Regards,
>> Sean.
>>
>> On 10/11/19 09:47, Ivan Gerasimov wrote:
>>> Hello!
>>>
>>> There are many places in the security libraries where string are
>>> converted from/to byte arrays using standard charsets.
>>>
>>> It would be beneficial, if those are not looked up by their name
>>> every time, and constants from java.nio.charset.StandardCharsets.*
>>> are used instead.
>>>
>>> Would you please help review this relatively lengthy (in terms of
>>> the affected files), though mostly straight-forward cleanup?
>>>
>>> BUGURL: https://bugs.openjdk.java.net/browse/JDK-8233884
>>> WEBREV: http://cr.openjdk.java.net/~igerasim/8233884/00/webrev/
>>>
>>> Thanks in advance!
>>>
>>
>>
More information about the security-dev
mailing list