braintree / braintree_java

Braintree Java library

https://developer.paypal.com/braintree/docs/start/overview

MIT License

158 stars 99 forks source link

Crypto#secureCompare : use the primitive type as the return value could not be null #89

Open benbenw opened 3 years ago

benbenw commented 3 years ago

Summary

Fix Crypto#secureCompare signature to use the primitive type as the return value could not be null

Checklist

[X] Added changelog entry
[X] Ran unit tests (mvn verify -DskipITs)

billwerges commented 3 years ago

Hi @benbenw,

Thanks for opening this PR. Since this change modifies the return type of a publicly visible method, we won't be able to merge this until we release the next major version of the project.

benbenw commented 3 years ago

no pb but due to java type boxing it should be backward compatible to the callers

crookedneighbor commented 1 year ago

@benbenw sorry for the long delay on this. I'm just curious about what scenarios the return type could be null here. I see 2 places we return:

An early return of false:

        return false;

And a final return where it asserts on the value of result:

        return result == 0;

In what instances could this ever return null?

hollabaq86 commented 1 year ago

for internal tracking, ticket 666

benbenw commented 1 year ago

@benbenw sorry for the long delay on this. I'm just curious about what scenarios the return type could be null here. I see 2 places we return:

An early return of false:
        return false;
And a final return where it asserts on the value of result:
        return result == 0;
In what instances could this ever return null?

It could not return null that what this issue is about ! As stated in the description :
Fix Crypto#secureCompare signature to use the primitive type as the return value could not be null