[cp-patches] RFC: Crypto PBEKeySpec password references
csm at gnu.org
Fri Jun 30 00:25:17 UTC 2006
On Jun 29, 2006, at 4:33 PM, Matthew Wringe wrote:
> On Thu, 2006-06-29 at 15:36 -0700, Casey Marshall wrote:
>> On Jun 29, 2006, at 3:24 PM, Matthew Wringe wrote:
>>> I have attached a very small patch that fixes PR28204 : PBEKeySpec
>>> incorrectly deletes the originally passed password array
>>> Instead of taking a reference to the passed password, it now
>>> creates a
>>> copy of it.
>> This looks fine, except for this space here at the end:
>>> + System.arraycopy(password, 0, this.password, 0,
>>> password.length );
>> And you can accomplish the same thing with `clone()'.
>> The JavaDoc should also be updated to explain that a copy of the
>> argument is made (the JDK documentation says this, and it is an
>> important API detail).
> The attached patch now uses clone() instead of System.arraycopy and
> javadoc has been updated to reflect that it only stores a copy.
> Out of curiosity, what is the real big difference between clone() and
> arraycopy? and under what situation should one be used over another?
I think clone() can be faster for arrays, because it can combine the
allocation and the copy into a single call. But really, I don't have
any idea if it's actually faster on any VM (it seems like a JIT could
inline both the `new' call and the array copy).
The only other advantage is that it's much more concise.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 478 bytes
Desc: This is a digitally signed message part
Url : http://developer.classpath.org/pipermail/classpath-patches/attachments/20060629/d9bd5c07/PGP.pgp
More information about the Classpath-patches