Spring Security
  1. Spring Security
  2. SEC-1141

ObjectIdentityImpl has incorrect hashCode implementation

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.4
    • Fix Version/s: 3.0.0 M1
    • Component/s: ACLs
    • Labels:
      None

      Description

      The ObjectIdentityImpl class contains a bug in it's hashCode implementation. 2 objects which are equal to each other using the '.equals()' method do not neccesarily produce the same hashcode. Consider the following code:

      ObjectIdentityImpl oi1 = new ObjectIdentityImpl("java.lang.String", "10");
      ObjectIdentityImpl oi2 = new ObjectIdentityImpl("java.lang.String", 10);
      System.out.println(oi1.equals(oi2)); //true
      System.out.println(oi1.hashCode() == oi2.hashCode()); //false
      System.out.println(oi1.hashCode()); //25246124
      System.out.println(oi2.hashCode()); //25247673

      This is due to the use of 'this.identifier.hashCode()' (line 146 ObjectIdentityImpl), while the equals method uses 'this.getIdentifier().toString().equals(other.getIdentifier().toString()' (line 123 ObjectIdentityImpl)

        Activity

        Hide
        Luke Taylor added a comment -

        The simplest solution here seems to be to remove the use of toString() from the equals method. I've also updated it so that identifiers which are of type Numeric (realistically Integers and Longs) are considered equal if they have the same numeric value.

        Show
        Luke Taylor added a comment - The simplest solution here seems to be to remove the use of toString() from the equals method. I've also updated it so that identifiers which are of type Numeric (realistically Integers and Longs) are considered equal if they have the same numeric value.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Scott Pardy
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: