RFR: 8268358: [lworld] toString for primitive class should return `ClassName at hash`
Roger Riggs
rriggs at openjdk.java.net
Tue Jun 8 20:37:29 UTC 2021
On Tue, 8 Jun 2021 19:55:46 GMT, Mandy Chung <mchung at openjdk.org> wrote:
> `Object::toString` implementation of a primitive class should return the traditional `ClassName at hash` (rather than listing the field values) not to leak any private and security-sensitive information. A primitive class can override `toString` implementation for their custom string representation.
If the hashcode of a primitive class uses the normal multiply and add technique,
values may still be leaked because the algorithm is predictable and can be replicated.
Perhaps with a secure hash...
-------------
Marked as reviewed by rriggs (Committer).
PR: https://git.openjdk.java.net/valhalla/pull/438
More information about the valhalla-dev
mailing list