RFR: 8258915: Temporary buffer cleanup [v3]
Weijun Wang
weijun at openjdk.java.net
Sat Jan 23 16:07:42 UTC 2021
On Sat, 23 Jan 2021 03:59:12 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Weijun Wang has updated the pull request incrementally with one additional commit since the last revision:
>>
>> more wrap, less copy
>
> src/java.base/share/classes/sun/security/pkcs/PKCS8Key.java line 221:
>
>> 219: if (encodedKey == null) {
>> 220: try {
>> 221: DerOutputStream tmp = new DerOutputStream();
>
> What is the criteria of using the default constructor vs the one with a initial size? Here is using the default, are we sure about the key (line 224 below) will always fit?
Here the key is the last thing to be written into the DerOutputStream, so there will be no more reallocation after and its content will not be leaked.
> src/java.base/share/classes/sun/security/pkcs12/PKCS12KeyStore.java line 664:
>
>> 662:
>> 663: // Encode secret key in a PKCS#8
>> 664: DerOutputStream secretKeyInfo = new DerOutputStream();
>
> Same, using default constructor here and we write encodedKey into it at line 670 below.
Same as above.
-------------
PR: https://git.openjdk.java.net/jdk/pull/2070
More information about the security-dev
mailing list