tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 32502] New: - Memory leak in Digest Authentication
Date Thu, 02 Dec 2004 22:10:25 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=32502>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=32502

           Summary: Memory leak in Digest Authentication
           Product: Tomcat 5
           Version: 5.0.29
          Platform: Macintosh
        OS/Version: Mac OS X 10.3
            Status: NEW
          Severity: critical
          Priority: P2
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: csharp@mac.com


The DigestAuthenticator class contains a small but significant leak. In the generateNOnce
method, the 
nOnceValue is inserted into a Hashtable with an expire time. This feature does not appear
to be fully 
implemented and as a result the Hashtable "nOnceTokens" will continue to grow un-bounded.

The short term solution to this problem is to remove the Hashtable insert since it isn't apparently
being 
used.

Longer term, the host-expireTime-otherState tuple could be encoded in client-opaque nOnceValue
and 
used across multiple TC5 instances.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message