OCSPNonceExtension.java ======================= - nonceData = (byte[])obj; + nonceData = ((byte[])obj).clone();
Do you want to check null obj? - return nonceData; + return (nonceData != null ? nonceData.clone() : null); I think you may want to enclose the "!=" operator as: + return (nonceData != null) ? nonceData.clone() : null; Xuelei On 8/25/2015 12:55 PM, Jamil Nimeh wrote: > Hi all, > > This is a quick fix to the OCSPNonceExtension class to add a couple > defensive copies to public get/set methods. > > JBS Bug: https://bugs.openjdk.java.net/browse/JDK-8134364 > Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8134364/webrev.00 > > Thanks, > --Jamil
