[jira] [Commented] (OFBIZ-12836) Resource leaks in EntitySQLProcessor.groovy

Fri, 21 Jul 2023 23:54:04 -0700 


    [ 
https://issues.apache.org/jira/browse/OFBIZ-12836?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17745876#comment-17745876
 ] 

Paul Foxworthy commented on OFBIZ-12836:
----------------------------------------

[~deepak] you're right. I did it for similarity with line 22, but I now think 
the idea is you can optionally supply a query to run iusing the sqlCommand. I 
have updated the patch.

> Resource leaks in EntitySQLProcessor.groovy
> -------------------------------------------
>
>                 Key: OFBIZ-12836
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-12836
>             Project: OFBiz
>          Issue Type: Bug
>          Components: webtools
>            Reporter: Paul Foxworthy
>            Assignee: Paul Foxworthy
>            Priority: Minor
>         Attachments: EntitySQLProcessor.groovy, 
> Fixed__Resource_leaks_in_EntitySQLProcessor_groovy-1.patch, 
> Fixed__Resource_leaks_in_EntitySQLProcessor_groovy.patch
>
>
> In framework/webtools/groovyScripts/entity/EntitySQLProcessor.groovy at line 
> 35 
> [https://github.com/apache/ofbiz-framework/blob/e080f0bfa657b8b6ffd4cbf5629e0c648440b5f0/framework/webtools/groovyScripts/entity/EntitySQLProcessor.groovy#L35]
>  
> it creates an SQLProcessor. SQLProcessor has a Close method and implements 
> AutoCloseable, but we're not using try-with-resources, nor directly calling 
> the Close method.
>  
> Similarly,
>  
> [https://github.com/apache/ofbiz-framework/blob/e080f0bfa657b8b6ffd4cbf5629e0c648440b5f0/framework/webtools/groovyScripts/entity/EntitySQLProcessor.groovy#L38]
>  
> obtains a java.sql.Resultset, which will be closed when everything works, but 
> would leak if there was an exception. Again, we should be using 
> try-with-resources.
>  
> Note that according to 
>  
> [https://docs.oracle.com/en/java/javase/20/docs/api/java.sql/java/sql/ResultSet.html#close()]
>  
> "Calling the method close on a ResultSet object that is already closed is a 
> no-op.", if you obtain a ResultSet from the SQLProcessor and directly close 
> that ResultSet, it's not a problem when the SQLProcessor.close also attempts 
> to close the ResultSet.
>  
> The problem is minor, most of the time. The groovy script is in the webtools, 
> so used for developer tinkering and not production use.
>  
> When you're doing a SELECT, the script is closing the ResultSet, so the 
> important resources are cleaned up (assuming no exception occurred).
>  
> However, if you are doing INSERT, UPDATE or DELETE, the script creates a 
> prepared statement that is not closed, so there's a resource leak.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to