cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eduardo Aguinaga (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CASSANDRA-12331) Unreleased Resource: Sockets
Date Wed, 27 Jul 2016 18:57:20 GMT
Eduardo Aguinaga created CASSANDRA-12331:
--------------------------------------------

             Summary: Unreleased Resource: Sockets
                 Key: CASSANDRA-12331
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-12331
             Project: Cassandra
          Issue Type: Bug
            Reporter: Eduardo Aguinaga
             Fix For: 3.0.5


Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra
source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a
manual analysis utilizing SciTools Understand v4. The results of that analysis includes the
issue below.

Issue:
Sockets are low level resources that must be explicitly released so subsequent callers will
have access to previously used sockets. In the file RMIServerSocketFactoryImpl.java on lines
15-16 a socket is acquired and eventually returned to the caller on line 18.

If an exception is thrown by the code on line 17 the socket acquired on lines 15-16 will not
be released for subsequent reuse.

RMIServerSocketFactoryImpl.java, lines 13-19:
{code:java}
13 public ServerSocket createServerSocket(final int pPort) throws IOException
14 {
15     ServerSocket socket = ServerSocketFactory.getDefault()
16                                              .createServerSocket(pPort, 0, InetAddress.getLoopbackAddress());
17     socket.setReuseAddress(true);
18     return socket;
19 }
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message