You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by rp...@apache.org on 2017/08/17 22:17:01 UTC
logging-log4j2 git commit: LOG4J2-1896 null out password chars in
memory before releasing reference to this object
Repository: logging-log4j2
Updated Branches:
refs/heads/master e0d7a551e -> fc3d4a6da
LOG4J2-1896 null out password chars in memory before releasing reference to this object
Project: http://git-wip-us.apache.org/repos/asf/logging-log4j2/repo
Commit: http://git-wip-us.apache.org/repos/asf/logging-log4j2/commit/fc3d4a6d
Tree: http://git-wip-us.apache.org/repos/asf/logging-log4j2/tree/fc3d4a6d
Diff: http://git-wip-us.apache.org/repos/asf/logging-log4j2/diff/fc3d4a6d
Branch: refs/heads/master
Commit: fc3d4a6da9912c306f807750dd993cb3415a4aea
Parents: e0d7a55
Author: rpopma <rp...@apache.org>
Authored: Fri Aug 18 07:16:55 2017 +0900
Committer: rpopma <rp...@apache.org>
Committed: Fri Aug 18 07:16:55 2017 +0900
----------------------------------------------------------------------
.../apache/logging/log4j/core/net/ssl/StoreConfiguration.java | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/logging-log4j2/blob/fc3d4a6d/log4j-core/src/main/java/org/apache/logging/log4j/core/net/ssl/StoreConfiguration.java
----------------------------------------------------------------------
diff --git a/log4j-core/src/main/java/org/apache/logging/log4j/core/net/ssl/StoreConfiguration.java b/log4j-core/src/main/java/org/apache/logging/log4j/core/net/ssl/StoreConfiguration.java
index 863209e..9ad1221 100644
--- a/log4j-core/src/main/java/org/apache/logging/log4j/core/net/ssl/StoreConfiguration.java
+++ b/log4j-core/src/main/java/org/apache/logging/log4j/core/net/ssl/StoreConfiguration.java
@@ -39,6 +39,7 @@ public class StoreConfiguration<T> {
*/
public void clearSecrets() {
this.location = null;
+ Arrays.fill(password, '\u0000');
this.password = null;
}
@@ -60,7 +61,7 @@ public class StoreConfiguration<T> {
}
/**
- *
+ *
* @deprecated Use getPasswordAsCharArray()
*/
@Deprecated
@@ -77,7 +78,7 @@ public class StoreConfiguration<T> {
}
/**
- *
+ *
* @deprecated Use getPasswordAsCharArray()
*/
@Deprecated