RFR: JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl
John Jiang
jjiang at openjdk.org
Thu Aug 31 02:41:25 UTC 2023
The method `SSLSocketImpl::closeSocket` has the below code snippet,
if (appInput.readLock.tryLock()) {
int soTimeout = getSoTimeout();
try {
// deplete could hang on the skip operation
// in case of infinite socket read timeout.
// Change read timeout to avoid deadlock.
// This workaround could be replaced later
// with the right synchronization
if (soTimeout == 0)
setSoTimeout(DEFAULT_SKIP_TIMEOUT);
inputRecord.deplete(false);
} catch (java.net.SocketTimeoutException stEx) {
// skip timeout exception during deplete
} finally {
if (soTimeout == 0)
setSoTimeout(soTimeout);
appInput.readLock.unlock();
}
}
If `getSoTimeout()` throws an exception, say `SocketException`, `appInput.readLock.unlock()` cannot be called.
-------------
Commit messages:
- JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl
Changes: https://git.openjdk.org/jdk/pull/15503/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=15503&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8315422
Stats: 19 lines in 1 file changed: 6 ins; 3 del; 10 mod
Patch: https://git.openjdk.org/jdk/pull/15503.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/15503/head:pull/15503
PR: https://git.openjdk.org/jdk/pull/15503
More information about the security-dev
mailing list