apache · dlmarion · Jan 15, 2026 · Jan 13, 2026 · Jan 15, 2026 · Jan 15, 2026
diff --git a/core/src/main/java/org/apache/accumulo/access/AuthorizationValidator.java b/core/src/main/java/org/apache/accumulo/access/AuthorizationValidator.java
@@ -104,7 +104,8 @@ enum AuthorizationCharacters {
     }
 
     // Unsure what characters are present, so must validate them all.
-    for (int i = 0; i < auth.length(); i++) {
+    final int len = auth.length();
+    for (int i = 0; i < len; i++) {
       var c = auth.charAt(i);
       if (!Character.isDefined(c) || Character.isISOControl(c) || c == '\uFFFD') {
         return false;

diff --git a/core/src/main/java/org/apache/accumulo/access/impl/AccessEvaluatorImpl.java b/core/src/main/java/org/apache/accumulo/access/impl/AccessEvaluatorImpl.java
@@ -20,6 +20,7 @@
 
 import static org.apache.accumulo.access.impl.CharUtils.BACKSLASH;
 import static org.apache.accumulo.access.impl.CharUtils.QUOTE;
+import static org.apache.accumulo.access.impl.CharUtils.isBackslashSymbol;
 import static org.apache.accumulo.access.impl.CharUtils.isQuoteOrSlash;
 import static org.apache.accumulo.access.impl.CharUtils.isQuoteSymbol;
 
@@ -74,7 +75,8 @@ public AccessEvaluatorImpl(Authorizations authorizations,
 
   public static CharSequence unescape(CharSequence auth) {
     int escapeCharCount = 0;
-    for (int i = 0; i < auth.length(); i++) {
+    final int authLength = auth.length();
 for (int i = 0; i < auth.length(); i++) { 
 for (int i = 0; i < auth.length(); i++) { 
+    for (int i = 0; i < authLength; i++) {
       char c = auth.charAt(i);
       if (isQuoteOrSlash(c)) {
         escapeCharCount++;
@@ -86,11 +88,11 @@ public static CharSequence unescape(CharSequence auth) {
         throw new IllegalArgumentException("Illegal escape sequence in auth : " + auth);
       }
 
-      char[] unescapedCopy = new char[auth.length() - escapeCharCount / 2];
+      char[] unescapedCopy = new char[authLength - escapeCharCount / 2];
       int pos = 0;
-      for (int i = 0; i < auth.length(); i++) {
+      for (int i = 0; i < authLength; i++) {
         char c = auth.charAt(i);
-        if (c == BACKSLASH) {
+        if (isBackslashSymbol(c)) {
           i++;
           c = auth.charAt(i);
           if (!isQuoteOrSlash(c)) {
@@ -120,17 +122,17 @@ public static CharSequence unescape(CharSequence auth) {
    */
   public static CharSequence escape(CharSequence auth, boolean shouldQuote) {
     int escapeCount = 0;
-
-    for (int i = 0; i < auth.length(); i++) {
+    final int authLength = auth.length();
+    for (int i = 0; i < authLength; i++) {
       if (isQuoteOrSlash(auth.charAt(i))) {
         escapeCount++;
       }
     }
 
     if (escapeCount > 0 || shouldQuote) {
-      char[] escapedAuth = new char[auth.length() + escapeCount + (shouldQuote ? 2 : 0)];
+      char[] escapedAuth = new char[authLength + escapeCount + (shouldQuote ? 2 : 0)];
       int index = shouldQuote ? 1 : 0;
-      for (int i = 0; i < auth.length(); i++) {
+      for (int i = 0; i < authLength; i++) {
         char c = auth.charAt(i);
         if (isQuoteOrSlash(c)) {
           escapedAuth[index++] = BACKSLASH;

diff --git a/core/src/main/java/org/apache/accumulo/access/impl/AccessExpressionImpl.java b/core/src/main/java/org/apache/accumulo/access/impl/AccessExpressionImpl.java
@@ -61,8 +61,8 @@ public static CharSequence quote(CharSequence term) {
     }
 
     boolean needsQuote = false;
-
-    for (int i = 0; i < term.length(); i++) {
+    final int len = term.length();
+    for (int i = 0; i < len; i++) {
       if (!Tokenizer.isValidAuthChar(term.charAt(i))) {
         needsQuote = true;
         break;