karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eduardo Aguinaga (JIRA)" <j...@apache.org>
Subject [jira] [Created] (KARAF-4210) Unreleased Resource: Streams
Date Tue, 15 Dec 2015 17:45:46 GMT
Eduardo Aguinaga created KARAF-4210:
---------------------------------------

             Summary: Unreleased Resource: Streams
                 Key: KARAF-4210
                 URL: https://issues.apache.org/jira/browse/KARAF-4210
             Project: Karaf
          Issue Type: Bug
    Affects Versions: 4.0.3
            Reporter: Eduardo Aguinaga


HP Fortify SCA and SciTools Understand were used to perform an application security analysis
on the karaf source code.

The function getLocalRepoFromConfig() in MavenConfigService.java sometimes fails to release
a system resource allocated by FileInputStream() on line 74.

File: bundle/core/src/main/java/org/apache/karaf/bundle/core/internal/MavenConfigService.java
Line: 74

MavenConfigService.java, lines 66-76:
66 static String getLocalRepoFromConfig(Dictionary<String, Object> dict) throws XMLStreamException,
FileNotFoundException {
67     String path = null;
68     if (dict != null) {
69         path = (String) dict.get("org.ops4j.pax.url.mvn.localRepository");
70         if (path == null) {
71             String settings = (String) dict.get("org.ops4j.pax.url.mvn.settings");
72             if (settings != null) {
73                 File file = new File(settings);
74                 XMLStreamReader reader = XMLInputFactory.newFactory().createXMLStreamReader(new
FileInputStream(file));
75                 try {
76                     int event;




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message