# HG changeset patch # User weijun # Date 1488429446 -28800 # Node ID c2a3d5935b7e9d01acd5e63c3f8c9709f3065441 # Parent 8bf18a26294ec8cfaff3a231a01f61a3664ee696 8174113: Better sourcing of code Reviewed-by: mullan, ahgross diff -r 8bf18a26294e -r c2a3d5935b7e src/java.base/share/classes/java/security/CodeSource.java --- a/src/java.base/share/classes/java/security/CodeSource.java Mon Feb 13 15:24:42 2017 -0800 +++ b/src/java.base/share/classes/java/security/CodeSource.java Thu Mar 02 12:37:26 2017 +0800 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1997, 2016, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it @@ -560,6 +560,7 @@ { CertificateFactory cf; Hashtable cfs = null; + List certList = null; ois.defaultReadObject(); // location @@ -569,7 +570,7 @@ // we know of 3 different cert types: X.509, PGP, SDSI, which // could all be present in the stream at the same time cfs = new Hashtable<>(3); - this.certs = new java.security.cert.Certificate[size]; + certList = new ArrayList<>(size > 20 ? 20 : size); } for (int i = 0; i < size; i++) { @@ -600,13 +601,17 @@ ois.readFully(encoded); ByteArrayInputStream bais = new ByteArrayInputStream(encoded); try { - this.certs[i] = cf.generateCertificate(bais); + certList.add(cf.generateCertificate(bais)); } catch (CertificateException ce) { throw new IOException(ce.getMessage()); } bais.close(); } + if (certList != null) { + this.certs = certList.toArray( + new java.security.cert.Certificate[size]); + } // Deserialize array of code signers (if any) try { this.signers = ((CodeSigner[])ois.readObject()).clone();