RFR: 8284855: Update needed to Cleaners added to jdk.crypto.cryptoki [v3]
Xue-Lei Andrew Fan
xuelei at openjdk.java.net
Fri Apr 15 15:04:22 UTC 2022
On Fri, 15 Apr 2022 08:25:40 GMT, Daniel Fuchs <dfuchs at openjdk.org> wrote:
>> Xue-Lei Andrew Fan has updated the pull request incrementally with one additional commit since the last revision:
>>
>> Don't use lambda in cleaner
>
> src/jdk.crypto.cryptoki/share/classes/sun/security/pkcs11/P11KeyStore.java line 235:
>
>> 233: this.password = password.clone();
>> 234: P11Util.cleaner.register(this,
>> 235: () -> Arrays.fill(this.password, ' '));
>
> This lambda most probably capture `this` so it will create a leak.
I was wondering to fix it in another PR as there is another issue in the block. Better to fix it sooner.
-------------
PR: https://git.openjdk.java.net/jdk/pull/8248
More information about the security-dev
mailing list