Details
-
Type:
Bug
-
Status: Closed
-
Priority:
P3
-
Resolution: Fixed
-
Affects Version/s: 9
-
Fix Version/s: 9
-
Component/s: security-libs
-
Labels:
-
Subcomponent:
-
Resolved In Build:b75
-
Verification:Verified
Backports
Issue | Fix Version | Assignee | Priority | Status | Resolution | Resolved In Build |
---|---|---|---|---|---|---|
JDK-8136191 | emb-9 | Sean Mullan | P3 | Resolved | Fixed | team |
Description
In the fix for JDK-6826789, the ProtectionDomain cache key was changed from CodeSource to a String to avoid expensive DNS lookups when computing hashcodes for CodeSource URLs. However, the key also needs to take into account the certificates of a CodeSource, otherwise a CodeSource URL with different certificates will resolve to the same ProtectionDomain, which is not correct.
Attachments
Issue Links
- backported by
-
JDK-8136191 SecureClassLoader key for ProtectionDomain cache also needs to take into account certificates
-
- Resolved
-
- relates to
-
JDK-6826789 SecureClassLoader should not use CodeSource URLs as HashMap keys
-
- Closed
-