- Bug
- Resolution: Not an Issue
- P3
- None
- 1.3.0
- generic
- generic
Name: krT82822 Date: 11/04/99
The getPassword() method allocates a Segment "txt" to transfer the password
from the document to a char[]. However, it does not clear that segment afterwards,
leaving the password in an un-clearable buffer. This is a security problem, not
a functional correctness problem.
In general, JPasswordField is also lacking a clear() method which will wipe out
any traces of the password. This also means that the implementation must ensure
no spurious copies of the password are created elsewhere.
------------
11/4/99 eval1127@eng -- It's in a local var. While a serious hack could perhaps get its uncleared state, risk seems moderate. Will file bug anyway.
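public char[] getPassword() {
    Document doc = getDocument();
    //.. (elided in the report; the Segment "txt" is filled from doc here)
    // Copy the password characters out of the segment into a fresh array.
    char[] retValue = new char[txt.count];
    System.arraycopy(txt.array, txt.offset, retValue, 0, txt.count);
    // txt is not cleared before returning, which is the subject of this report.
    return retValue;
}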
(Review ID: 97492)
======================================================================
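Caller-side handling of the concern raised in this report, as an added example that is not code from the JDK or from the report: it zero-fills the array returned by getPassword() and the characters held in the field's document. It clears only the copies a caller can reach; the Segment local to getPassword() stays outside its control. `PasswordWipeDemo`, `wipeDocument` and `checkAndClear` are hypothetical names, and the password literal is constructed sample input.

```java
import java.util.Arrays;
import javax.swing.JPasswordField;
import javax.swing.text.BadLocationException;
import javax.swing.text.Document;
import javax.swing.text.Segment;

public class PasswordWipeDemo {
    // Hypothetical helper: zero-fill the characters held by the document.
    // With partial return enabled, getText() should avoid copying, so the
    // Segment can be a view of the document's own storage and the fill
    // reaches the stored text. If an implementation copies anyway, the
    // fill only clears that copy.
    static void wipeDocument(Document doc) throws BadLocationException {
        Segment seg = new Segment();
        seg.setPartialReturn(true);
        int offs = 0;
        int left = doc.getLength();
        while (left > 0) {
            doc.getText(offs, left, seg);
            if (seg.count == 0) break; // no progress; avoid looping forever
            Arrays.fill(seg.array, seg.offset, seg.offset + seg.count, '\0');
            offs += seg.count;
            left -= seg.count;
        }
    }

    // Hypothetical helper: use the password, then clear every reachable copy.
    static boolean checkAndClear(JPasswordField field, char[] expected)
            throws BadLocationException {
        char[] entered = field.getPassword(); // null if the read failed
        try {
            // Stand-in for the application's real credential check.
            return Arrays.equals(entered, expected);
        } finally {
            if (entered != null) Arrays.fill(entered, '\0');
            wipeDocument(field.getDocument());
            field.setText(""); // drop the now-zeroed content from the field
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input; a real password should never be a String.
        JPasswordField field = new JPasswordField("s3cret-constructed");
        char[] expected = "s3cret-constructed".toCharArray();
        System.out.println("match: " + checkAndClear(field, expected));
        System.out.println("length after clear: " + field.getPassword().length);
    }
}
```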