Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: 7.1.0.DR11
Affects Version/s: 7.1.0.DR9
Component/s: Security
Labels:
- static_analysis

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA

SFDC Cases Counter:
SFDC Cases Links:

Coverity static-analysis scan found 2 resource leaks in ProviderLoaderService class.

https://scan7.coverity.com/reports.htm#v16159/p12663/fileInstanceId=6892104&defectInstanceId=1794528&mergedDefectId=1388484
Following code is used in `load` method:

if (provider == null) {
    provider = providerClazz.newInstance();
    if (configurationStreamSupplier != null) {
        try (InputStream is = configurationStreamSupplier.get()) {
            provider.load(configurationStreamSupplier.get());
        }
    }
}

The load method should use `is` instance instead of calling the supplier again.

https://scan7.coverity.com/reports.htm#v16159/p12663/fileInstanceId=6892104&defectInstanceId=1794527&mergedDefectId=1388483
Following code is used in `toInputStream` method:

SecurityActions.doPrivileged((PrivilegedExceptionAction<InputStream>) () -> new FileInputStream(file) );
return new FileInputStream(file);

There should be probably just:

return SecurityActions.doPrivileged((PrivilegedExceptionAction<InputStream>) () -> new FileInputStream(file) );

is cloned by

WFLY-7828 Coverity static analysis: Resource leaks in ProviderLoaderService (Elytron subsystem)

Closed

is incorporated by

JBEAP-8259 Upgrade to Elytron Subsystem 1.0.0.Alpha20

Verified

Assignee:: Ilia Vassilev

Reporter:: Josef Cacek (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2016/12/16 6:50 AM

Updated:: 2017/02/08 3:32 AM

Resolved:: 2017/01/16 4:18 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates