On Thu, 2006-06-29 at 15:36 -0700, Casey Marshall wrote:
> On Jun 29, 2006, at 3:24 PM, Matthew Wringe wrote:
> 
> > Hi,
> >
> > I have attached a very small patch that fixes PR28204 : PBEKeySpec
> > incorrectly deletes the originally passed password array
> > (http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28204)
> >
> > Instead of taking a reference to the passed password, it now creates a
> > copy of it.
> >
> 
> This looks fine, except for this space here at the end:
> 
> > +    System.arraycopy(password, 0, this.password, 0,  
> > password.length );
> 
> And you can accomplish the same thing with `clone()'.
> 
> The JavaDoc should also be updated to explain that a copy of the  
> argument is made (the JDK documentation says this, and it is an  
> important API detail).

The attached patch now uses clone() instead of System.arraycopy and the
javadoc has been updated to reflect that it only stores a copy.

Out of curiosity, what is the real big difference between clone() and
arraycopy? And under what situation should one be used over another?

Thanks,

Matt Wringe
Index: PBEKeySpec.java
===================================================================
RCS file: /sources/classpath/classpath/javax/crypto/spec/PBEKeySpec.java,v
retrieving revision 1.2
diff -u -r1.2 PBEKeySpec.java
--- PBEKeySpec.java	2 Jul 2005 20:32:45 -0000	1.2
+++ PBEKeySpec.java	29 Jun 2006 22:54:22 -0000
@@ -80,7 +80,8 @@
   // ------------------------------------------------------------------------
 
   /**
-   * Create a new PBE key spec with just a password.
+   * Create a new PBE key spec with just a password. A copy of the
+   * password argument is stored instead of the argument itself. 
    *
    * @param password The password char array.
    */
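Review bot: The added Javadoc line ending in "instead of the argument itself." has a trailing space after the period; strip it so the comment change does not bring in whitespace noise, the same kind of nit raised on the first version of the patch.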
@@ -91,6 +92,8 @@
 
   /**
    * Create a PBE key spec with a password, salt, and iteration count.
+   * A copy of the password argument is stored instead of the argument
+   * itself.
    *
    * @param password       The password char array.
    * @param salt           The salt bytes.
@@ -103,7 +106,8 @@
 
   /**
    * Create a PBE key spec with a password, salt, iteration count, and
-   * key length.
+   * key length. A copy of the password argument is stored instead of 
+   * the argument itself.
    *
    * @param password       The password char array.
    * @param salt           The salt bytes.
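Review bot: The added line "key length. A copy of the password argument is stored instead of" ends with a trailing space, which should be removed. Starting the new sentence on its own line, as the three-argument constructor's comment does, would also keep the wording of the three Javadoc blocks aligned.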
@@ -113,7 +117,7 @@
   public PBEKeySpec(char[] password, byte[] salt, int iterationCount,
                     int keyLength)
   {
-    this.password = password;
+    this.password = password.clone();
     this.salt = salt;
     this.iterationCount = iterationCount;
     this.keyLength = keyLength;
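Review bot: In the four-argument constructor, password.clone() dereferences the argument, so a null password now throws a NullPointerException, where the old "this.password = password;" simply stored the null. Add an explicit null check, or document the exception in the Javadoc, so that the behaviour change is deliberate. The context line "this.salt = salt;" still keeps the caller's array by reference, so the aliasing this patch removes for the password remains for the salt; consider cloning it as well.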
