Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-547

unreleased resource

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Not A Problem
    • Affects Version/s: 2.0.3
    • Fix Version/s: None
    • Component/s: WSS4J Core
    • Labels:
      None

      Description

      Hi,
      found 2 resource leaks:

      org.apache.wss4j.stax.impl.processor.output.WSSSignatureOutputProcessor.digestExternalReference() opens an InputStream:
      InputStream inputStream = attachment.getSourceStream();

      In case the later buildTransformerChain() throws an XMLSecurityException, this resource is leaked.

      org.apache.wss4j.stax.impl.processor.input.WSSSignatureReferenceVerifyInputProcessor.verifyExternalReference() does the same thing:
      InputStream attachmentInputStream = attachment.getSourceStream();

      In case the later reateMessageDigestOutputStream() throws an XMLSecurityException, the resource is leaked.

      Best regards
      Jens

        Attachments

          Activity

            People

            • Assignee:
              giger Marc Giger
              Reporter:
              jenskordowski Jens Kordowski
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: