JDK-7065233 : To interpret case-insensitive string locale independently
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.crypto
  • Affected Version: 7
  • Priority: P4
  • Status: Closed
  • Resolution: Fixed
  • OS: generic
  • CPU: generic
  • Submitted: 2011-07-11
  • Updated: 2020-04-15
  • Resolved: 2014-07-10
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 8 JDK 9 Other
8u60Fixed 9 b23Fixed openjdk7uFixed
Related Reports
Duplicate :  
Description
See CR 7063702, and blog posts:
http://sim.ivi.co/2011/07/trap-of-case-insensitive-string.html
http://sim.ivi.co/2011/07/simple-shell-script-to-check-trap-of.html

Comments
The fix can be as simple as to specify the locale during the call to toLowerCase()/toUpperCase(): - String name = toString().toUpperCase(); + String name = toString().toUpperCase(Locale.ENGLISH); - comparable = ((String) value).toUpperCase(); + comparable = ((String) value).toUpperCase(Locale.ENGLISH); This fix will always use Locale.ENGLISH, as will avoid the locale dependent issue.
26-04-2013