RFR: 8270317: Large Allocation in CipherSuite [v2]
Clive Verghese
cverghese at openjdk.java.net
Wed Jul 21 23:58:16 UTC 2021
On Fri, 16 Jul 2021 04:29:51 GMT, Michael Bien <github.com+114367+mbien at openjdk.org> wrote:
>> src/java.base/share/classes/sun/security/ssl/CipherSuite.java line 865:
>>
>>> 863: maps_name.put(cs.name, cs);
>>> 864: for (String alias : cs.aliases) {
>>> 865: maps_name.put(alias, cs);
>>
>> A minor concern here. HashMap can't have duplicate keys. what if there are duplicated names/aliases?
>>
>> Even it's not the case now, CipherSuite is subject to change in the future and I think it is a good opportunity to detect key duplication here. Currently, it's silently overwritten. This may introduce inconsistent behavior for nameOf.
>
> this could be potentially stored in immutable collections which might be slightly more compact + they throw when they encounter duplicate keys
> 1) change base type to Map
> 2) copy ciphers array into Map.Entry array
> 3) maps_id = Map.ofEntries(entries) // + handle IAE
>
> similar for the name map but with a list in between.
>
> there might be a JDK internal shortcut to get to new ImmutableCollections.MapN<>(flatArray) right away without the Map.Entry step - I am sure a reviewer will chime in if there is.
Thank you for the feedback. I have updated to use ImmutableMap. However, I had to use `copyOf(Map)` method instead.
It would not check for duplicate values. Would it make more sense to add a test case to check for duplicates instead?. If so I can add that, else i'll check for duplicate while creating the map.
-------------
PR: https://git.openjdk.java.net/jdk/pull/4783
More information about the security-dev
mailing list