RFR: 8268358: [lworld] toString for primitive class should return `ClassName at hash`
rriggs at openjdk.java.net
Tue Jun 8 20:37:29 UTC 2021
On Tue, 8 Jun 2021 19:55:46 GMT, Mandy Chung <mchung at openjdk.org> wrote:
> `Object::toString` implementation of a primitive class should return the traditional `ClassName at hash` (rather than listing the field values) not to leak any private and security-sensitive information. A primitive class can override `toString` implementation for their custom string representation.
If the hashcode of a primitive class uses the normal multiply and add technique,
values may still be leaked because the algorithm is predictable and can be replicated.
Perhaps with a secure hash...
Marked as reviewed by rriggs (Committer).
More information about the valhalla-dev