RFR: 8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
Prajwal Kumaraswamy
github.com+70745465+pkumaraswamy at openjdk.java.net
Tue Nov 10 16:10:10 UTC 2020
On Tue, 10 Nov 2020 13:26:01 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> …ineResolveURI().
>>
>> Actual fix looks like this, due to git diff there are lot of changes( mostly because of the spaces) being displayed.
>>
>> --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java
>> +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java
>> @@ -500,6 +500,7 @@
>> }
>>
>> boolean secVal = Utils.secureValidation(context);
>> + try {
>> xi.setSecureValidation(secVal);
>> if (context instanceof XMLSignContext && c14n11
>> && !xi.isOctetStream() && !xi.isOutputStreamSet()) {
>> @@ -533,6 +534,11 @@
>> } else {
>> xi.updateOutputStream(os);
>> }
>> + } finally {
>> + if(xi.getOctetStreamReal() != null) {
>> + xi.getOctetStreamReal().close();
>> + }
>> + }
>> }
>
> FYI: https://github.com/apache/santuario-xml-security-java/pull/9/files
Thanks Max, I guess there are additional changes in Apache code and will sync our code base with same changes.
I'll make appropriate changes and push it again.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1142
More information about the security-dev
mailing list