This is an automated email from the git hooks/post-receive script. ebourg-guest pushed a commit to annotated tag REL9_3_1102 in repository libpostgresql-jdbc-java.
commit 1a090452e69c96f578babffe0e1f76214e5d5961 Author: Heikki Linnakangas <[email protected]> Date: Wed Nov 13 21:32:54 2013 +0200 Make sure file is closed on exception. The system will eventually close the file anyway, and this read is highly unlikely to throw an IOException in practice. Also, use RandomAccessFile.readFully(byte[]) to slurp the file into byte array, rather than FileInputStream.read(byte[]). The latter would need to be called in a loop to protect from short reads. Both issues were complained of by Coverity. --- org/postgresql/ssl/jdbc4/LazyKeyManager.java | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/org/postgresql/ssl/jdbc4/LazyKeyManager.java b/org/postgresql/ssl/jdbc4/LazyKeyManager.java index 8da2d72..12b51ee 100644 --- a/org/postgresql/ssl/jdbc4/LazyKeyManager.java +++ b/org/postgresql/ssl/jdbc4/LazyKeyManager.java @@ -1,6 +1,7 @@ package org.postgresql.ssl.jdbc4; import java.io.File; +import java.io.RandomAccessFile; import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.IOException; @@ -148,6 +149,7 @@ public class LazyKeyManager implements X509KeyManager { } public PrivateKey getPrivateKey(String alias) { + RandomAccessFile raf = null; try { if (key==null && keyfile!=null) //If keyfile is null, we do not load the key @@ -157,11 +159,10 @@ public class LazyKeyManager implements X509KeyManager { if(getCertificateChain("user")==null) return null; //getCertificateChain failed... } - File keyf = new File(keyfile); - FileInputStream fl; + try { - fl = new FileInputStream(keyfile); + raf = new RandomAccessFile(new File(keyfile), "r"); } catch (FileNotFoundException ex) { @@ -171,9 +172,11 @@ public class LazyKeyManager implements X509KeyManager { } return null; } - byte[] keydata = new byte[(int)keyf.length()]; - fl.read ( keydata, 0, (int)keyf.length() ); - fl.close(); + byte[] keydata = new byte[(int)raf.length()]; + raf.readFully(keydata); + raf.close(); + raf = null; + KeyFactory kf = KeyFactory.getInstance(cert[0].getPublicKey().getAlgorithm()); try { KeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec (keydata); @@ -228,6 +231,10 @@ public class LazyKeyManager implements X509KeyManager { } catch (IOException ioex) { + if (raf != null) { + try { raf.close(); } catch (IOException ex) { }; + } + error = new PSQLException(GT.tr("Could not read SSL key file {0}.", new Object[]{keyfile}), PSQLState.CONNECTION_FAILURE, ioex); } catch(NoSuchAlgorithmException ex) -- Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-java/libpostgresql-jdbc-java.git _______________________________________________ pkg-java-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits
