Return-Path: Delivered-To: apmail-hc-dev-archive@www.apache.org Received: (qmail 51818 invoked from network); 23 Jul 2010 04:38:19 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 23 Jul 2010 04:38:19 -0000 Received: (qmail 46622 invoked by uid 500); 23 Jul 2010 04:38:18 -0000 Delivered-To: apmail-hc-dev-archive@hc.apache.org Received: (qmail 46426 invoked by uid 500); 23 Jul 2010 04:38:15 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 46418 invoked by uid 99); 23 Jul 2010 04:38:14 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 23 Jul 2010 04:38:14 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.22] (HELO thor.apache.org) (140.211.11.22) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 23 Jul 2010 04:38:11 +0000 Received: from thor (localhost [127.0.0.1]) by thor.apache.org (8.13.8+Sun/8.13.8) with ESMTP id o6N4bo9g008730 for ; Fri, 23 Jul 2010 04:37:50 GMT Message-ID: <23042907.532931279859870049.JavaMail.jira@thor> Date: Fri, 23 Jul 2010 00:37:50 -0400 (EDT) From: "David Smiley (JIRA)" To: dev@hc.apache.org Subject: [jira] Updated: (HTTPCLIENT-969) BasicCookieStore.getCookies() returns non-threadsafe collection In-Reply-To: <22340124.471211279608169970.JavaMail.jira@thor> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/HTTPCLIENT-969?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] David Smiley updated HTTPCLIENT-969: ------------------------------------ Attachment: HTTPCLIENT-969_Fix_CookieStore_Thread-Safety.patch Attached is the patch addressing my comments. There's no longer a need for an instance of the CookieComparator to be a field value so I removed it. I also saw that toString() should be synchronized. I also removed the simplistic no-arg constructor since Java will generate the same thing from field initializers. I hate needlessly verbose Java code -- it gives the language a bad reputation. > BasicCookieStore.getCookies() returns non-threadsafe collection > --------------------------------------------------------------- > > Key: HTTPCLIENT-969 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-969 > Project: HttpComponents HttpClient > Issue Type: Bug > Components: HttpClient > Reporter: David Smiley > Priority: Minor > Fix For: 4.0.2, 4.1 Alpha3 > > Attachments: HTTPCLIENT-969_Fix_CookieStore_Thread-Safety.patch > > > BasicCookieStore.getCookies() is a simple method. It's synchronized, and it returns an unmodifiable wrapper around the underlying cookie list. If the caller were to then iterate over it as another thread were to manipulate the cookie list via BasicCookieStore, this would create a thread un-safe situation because both threads aren't doing their reading/writing with the same lock (the reader doesn't even have a lock). > I suggest fixing this by using CopyOnWriteArrayList, or by making a defensive copy in getCookies() > This issue might apply to some of the other basic implementations of some of the interfaces but I haven't checked. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org