RFR: 8255559: Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
Weijun Wang
weijun at openjdk.java.net
Tue Nov 10 17:18:57 UTC 2020
On Tue, 10 Nov 2020 17:14:42 GMT, Weijun Wang <weijun at openjdk.org> wrote:
>> …ineResolveURI().
>>
>> Actual fix looks like this, due to git diff there are lot of changes( mostly because of the spaces) being displayed.
>>
>> --- a/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java
>> +++ b/src/share/classes/org/jcp/xml/dsig/internal/dom/DOMReference.java
>> @@ -500,6 +500,7 @@
>> }
>>
>> boolean secVal = Utils.secureValidation(context);
>> + try {
>> xi.setSecureValidation(secVal);
>> if (context instanceof XMLSignContext && c14n11
>> && !xi.isOctetStream() && !xi.isOutputStreamSet()) {
>> @@ -533,6 +534,11 @@
>> } else {
>> xi.updateOutputStream(os);
>> }
>> + } finally {
>> + if(xi.getOctetStreamReal() != null) {
>> + xi.getOctetStreamReal().close();
>> + }
>> + }
>> }
>
> Marked as reviewed by weijun (Reviewer).
> Thanks Max, I guess there are additional changes in Apache code and will sync our code base with same changes.
> I'll make appropriate changes and push it again.
No worry. Next time we sync with Santuario, when I found the problem is already fixed upstream, our patch will not be applied.
-------------
PR: https://git.openjdk.java.net/jdk/pull/1142
More information about the security-dev
mailing list