JDK-7065233 : To interpret case-insensitive string locale independently
Type:Bug
Component:security-libs
Sub-Component:javax.crypto
Affected Version:7
Priority:P4
Status:Closed
Resolution:Fixed
OS:generic
CPU:generic
Submitted:2011-07-11
Updated:2020-04-15
Resolved:2014-07-10
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed. Resolved: Release in which this issue/RFE has been resolved. Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
See CR 7063702, and blog posts:
http://sim.ivi.co/2011/07/trap-of-case-insensitive-string.html
http://sim.ivi.co/2011/07/simple-shell-script-to-check-trap-of.html
Comments
The fix can be as simple as to specify the locale during the call to toLowerCase()/toUpperCase():
- String name = toString().toUpperCase();
+ String name = toString().toUpperCase(Locale.ENGLISH);
- comparable = ((String) value).toUpperCase();
+ comparable = ((String) value).toUpperCase(Locale.ENGLISH);
This fix will always use Locale.ENGLISH, as will avoid the locale dependent issue.