Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Not A Problem
-
2.0.3
-
None
-
None
Description
Hi,
found 2 resource leaks:
org.apache.wss4j.stax.impl.processor.output.WSSSignatureOutputProcessor.digestExternalReference() opens an InputStream:
InputStream inputStream = attachment.getSourceStream();
In case the later buildTransformerChain() throws an XMLSecurityException, this resource is leaked.
org.apache.wss4j.stax.impl.processor.input.WSSSignatureReferenceVerifyInputProcessor.verifyExternalReference() does the same thing:
InputStream attachmentInputStream = attachment.getSourceStream();
In case the later reateMessageDigestOutputStream() throws an XMLSecurityException, the resource is leaked.
Best regards
Jens