On Tue, 26 Nov 2024 10:17:06 GMT, Jaikiran Pai <j...@openjdk.org> wrote:
> Should we clean up the comment in `InetAddressCachePolicy.checkValue()` which > says: > > ``` > /* > * If malicious code gets a hold of this method, prevent > * setting the cache policy to something laxer or some > * invalid negative value. > */ > ``` > > Perhaps change that comment to just say: > > ``` > // prevent setting the cache policy to something laxer > // or some invalid negative value. > ``` > > That private method currently throws a `SecurityException` if the value being > updated is rejected. Should it throw some other exception instead? Nice spot Jaikiran. Instead of changing comments and changing the exception type we could just remove the `setIfNotSet` , `setNegativeIfNotSet` and `checkValue` methods given that the `InetAddressCachePolicy` class is not used by modules it is exported to, and not used by any test. ------------- PR Comment: https://git.openjdk.org/jdk/pull/22376#issuecomment-2500659802
