RFR: 8155191: Specify that SecureRandom.nextBytes(byte[]) throws NullPointerException when byte array is null [v4]
Sean Mullan
mullan at openjdk.org
Fri May 12 13:42:47 UTC 2023
On Thu, 11 May 2023 21:06:37 GMT, Valerie Peng <valeriep at openjdk.org> wrote:
>> Just a trivial change for enforcing consistent NullPointerException behavior for the SecureRandom.nextBytes(byte[]) method.
>>
>> Other similar methods such as Random.nextByte(byte[]) and its other subclasses all throw NPE for null byte[] argument. Most JDK default providers' SecureRandom impls also check and throw NPE. Thus, this should be moved up and enforced by the SecureRandom class to ensure consistency.
>>
>> CSR has been filed.
>>
>> Thanks,
>> Valerie
>
> Valerie Peng has updated the pull request incrementally with one additional commit since the last revision:
>
> minor test update, remove pkcs11 reg test as it's covered by the other
> test
test/jdk/java/security/SecureRandom/NextBytesNull.java line 29:
> 27: * @summary check NPE is thrown for various methods of SecureRandom class,
> 28: * e.g. SecureRandom(byte[]), nextBytes(byte[]), and setSeed(byte[]).
> 29: * @run main NextBytesNull
You don't need an `@run` line now as this is the default if no `@run` line is specified. See https://openjdk.org/jtreg/tag-spec.html#DEFAULTS.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/13788#discussion_r1192393216
More information about the security-dev
mailing list