On Thu, 2006-06-29 at 15:36 -0700, Casey Marshall wrote: > On Jun 29, 2006, at 3:24 PM, Matthew Wringe wrote: > > > Hi, > > > > I have attached a very small patch that fixes PR28204 : PBEKeySpec > > incorrectly deletes the originally passed password array > > (http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28204) > > > > Instead of taking a reference to the passed password, it now creates a > > copy of it. > > > > This looks fine, except for this space here at the end: > > > + System.arraycopy(password, 0, this.password, 0, > > password.length ); > > And you can accomplish the same thing with `clone()'. > > The JavaDoc should also be updated to explain that a copy of the > argument is made (the JDK documentation says this, and it is an > important API detail).
The attached patch now uses clone() instead of System.arraycopy and the javadoc has been updated to reflect that it only stores a copy. Out of curiosity, what is the real big difference between clone() and arraycopy? and under what situation should one be used over another? Thanks, Matt Wringe
Index: PBEKeySpec.java =================================================================== RCS file: /sources/classpath/classpath/javax/crypto/spec/PBEKeySpec.java,v retrieving revision 1.2 diff -u -r1.2 PBEKeySpec.java --- PBEKeySpec.java 2 Jul 2005 20:32:45 -0000 1.2 +++ PBEKeySpec.java 29 Jun 2006 22:54:22 -0000 @@ -80,7 +80,8 @@ // ------------------------------------------------------------------------ /** - * Create a new PBE key spec with just a password. + * Create a new PBE key spec with just a password. A copy of the + * password argument is stored instead of the argument itself. * * @param password The password char array. */ @@ -91,6 +92,8 @@ /** * Create a PBE key spec with a password, salt, and iteration count. + * A copy of the password argument is stored instead of the argument + * itself. * * @param password The password char array. * @param salt The salt bytes. @@ -103,7 +106,8 @@ /** * Create a PBE key spec with a password, salt, iteration count, and - * key length. + * key length. A copy of the password argument is stored instead of + * the argument itself. * * @param password The password char array. * @param salt The salt bytes. @@ -113,7 +117,7 @@ public PBEKeySpec(char[] password, byte[] salt, int iterationCount, int keyLength) { - this.password = password; + this.password = password.clone(); this.salt = salt; this.iterationCount = iterationCount; this.keyLength = keyLength;