Fix Files.createTempFile() NPE in FIPS-compliant JDK environments #92
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Replace Files.createTempFile() with manual temp file creation to avoid circular dependency on SecureRandom during provider initialization. Files.createTempFile() internally requires DRBG/SecureRandom which may not be available when loading this provider in a FIPS-compliant JDK, causing NullPointerException. Also delete temp file immediately after System.load() completes instead of using deleteOnExit() to prevent memory leaks in long-running apps. Co-authored-by: pushkarnk <4761859+pushkarnk@users.noreply.github.com>
- Add null/empty check for java.io.tmpdir with fallback to /tmp - Check return value of delete() and document why failure is acceptable - Add detailed comments explaining the behavior Co-authored-by: pushkarnk <4761859+pushkarnk@users.noreply.github.com>
- Replace Unix-specific /tmp fallback with cross-platform approach - Use fallback chain: java.io.tmpdir -> user.home -> user.dir - Add System.identityHashCode to uniqueness calculation for better collision resistance - Improves Windows compatibility Co-authored-by: pushkarnk <4761859+pushkarnk@users.noreply.github.com>
- Document why SecureRandom-based methods cannot be used - Explain the approach for collision prevention - Note security considerations for fallback directories - FileOutputStream will fail atomically if file exists, preventing race conditions Co-authored-by: pushkarnk <4761859+pushkarnk@users.noreply.github.com>
Document the complete story of the temp file fix including: - The original hardcoded path issue - The initial Files.createTempFile() fix - The critical NPE issue discovered in FIPS-compliant JDKs - The final solution that avoids SecureRandom dependency Co-authored-by: pushkarnk <4761859+pushkarnk@users.noreply.github.com>
Copilot
AI
changed the title
[WIP] Review usage of Files.createTempFile() in commit
Fix Files.createTempFile() NPE in FIPS-compliant JDK environments
Dec 1, 2025
pushkarnk
approved these changes
Dec 2, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Files.createTempFile()internally requiresSecureRandomwhich is unavailable during provider initialization in FIPS-compliant JDKs, causing:This circular dependency prevents the provider from loading in FIPS mode.
Changes
Files.createTempFile()with manual temp file creation usingSystem.currentTimeMillis(), thread ID, and class hashcode for uniqueness—noSecureRandomdependencySystem.load()instead ofdeleteOnExit()to prevent memory leaks in long-running applicationsjava.io.tmpdir→user.home→user.dirjava.nio.file.Files,java.nio.file.PathsImplementation
The
FileOutputStreamconstructor atomically prevents collisions if the file exists.Original prompt
💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.