[jira] [Created] (WSS-547) unreleased resource

Jens Kordowski (JIRA) Tue, 21 Jul 2015 07:53:25 -0700

Jens Kordowski created WSS-547:
----------------------------------

             Summary: unreleased resource
                 Key: WSS-547
                 URL: https://issues.apache.org/jira/browse/WSS-547
             Project: WSS4J
          Issue Type: Bug
          Components: WSS4J Core
    Affects Versions: 2.0.3
            Reporter: Jens Kordowski
            Assignee: Colm O hEigeartaigh



Hi,
found 2 resource leaks:

org.apache.wss4j.stax.impl.processor.output.WSSSignatureOutputProcessor.digestExternalReference()
 opens an InputStream:
InputStream inputStream = attachment.getSourceStream();

In case the later buildTransformerChain() throws an XMLSecurityException, this 
resource is leaked.

org.apache.wss4j.stax.impl.processor.input.WSSSignatureReferenceVerifyInputProcessor.verifyExternalReference()
 does the same thing:
InputStream attachmentInputStream = attachment.getSourceStream();

In case the later reateMessageDigestOutputStream() throws an 
XMLSecurityException, the resource is leaked.

Best regards
Jens



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (WSS-547) unreleased resource

Reply via email to