RFR: 8312630: java/security should not create unmodifiable collections with redundant wrapping [v2]

John Jiang jjiang at openjdk.org
Wed Jul 26 16:06:54 UTC 2023


On Wed, 26 Jul 2023 14:41:16 GMT, Sean Mullan <mullan at openjdk.org> wrote:

> it says "It is cloned to prevent subsequent modification."
> Now, if the set passed in is unmodifiable, that is no longer true. 

My understanding:
The parameter `protectionParams` is cloned as `this.protectionParams`,
and `this.protectionParams` should be prevented from subsequent modification.

`Map::copyOf` looks meet this requirement, no matter the parameter `protectionParams` is modifiable or not.

> It also will now throw NPE if any of the keys or values are null, whereas before it did not,
> and the specification does not specify that in the @throws clause.

Yes, this is a problem.
I don't want to change any behavior.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/15008#discussion_r1275191302


More information about the security-dev mailing list