You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Felix Schumacher <fe...@internetallee.de> on 2015/01/24 21:11:21 UTC
DigestAuthenticator and volatile variables in NonceInfo
Hi all,
I looked at the coverity issue 86588 and it says, that the volatile
variable seen[] is unsafe, because only the reference is volatile and
not not the array elements.
After a closer look, I am convinced, that all variables in that inner
class NonceInfo are needlessly declared volatile, since they are either
final (well, could be declared final) (this is timestamp) or are only
ever accessed inside the constructor and synchronized methods.
I would vote to remove the volatile declarations and add final to timestamp.
Any thoughts?
Felix
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
Re: DigestAuthenticator and volatile variables in NonceInfo
Posted by Mark Thomas <ma...@apache.org>.
On 24/01/2015 20:11, Felix Schumacher wrote:
> Hi all,
>
> I looked at the coverity issue 86588 and it says, that the volatile
> variable seen[] is unsafe, because only the reference is volatile and
> not not the array elements.
>
> After a closer look, I am convinced, that all variables in that inner
> class NonceInfo are needlessly declared volatile, since they are either
> final (well, could be declared final) (this is timestamp) or are only
> ever accessed inside the constructor and synchronized methods.
>
> I would vote to remove the volatile declarations and add final to
> timestamp.
>
> Any thoughts?
+1.
I'd also make offset final.
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org