Eduardo Aguinaga created CASSANDRA-12331:
--------------------------------------------
Summary: Unreleased Resource: Sockets
Key: CASSANDRA-12331
URL: https://issues.apache.org/jira/browse/CASSANDRA-12331
Project: Cassandra
Issue Type: Bug
Reporter: Eduardo Aguinaga
Fix For: 3.0.5
Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of
the Cassandra source code. The analysis included an automated analysis using HP
Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The
results of that analysis includes the issue below.
Issue:
Sockets are low level resources that must be explicitly released so subsequent
callers will have access to previously used sockets. In the file
RMIServerSocketFactoryImpl.java on lines 15-16 a socket is acquired and
eventually returned to the caller on line 18.
If an exception is thrown by the code on line 17 the socket acquired on lines
15-16 will not be released for subsequent reuse.
RMIServerSocketFactoryImpl.java, lines 13-19:
{code:java}
13 public ServerSocket createServerSocket(final int pPort) throws IOException
14 {
15 ServerSocket socket = ServerSocketFactory.getDefault()
16 .createServerSocket(pPort, 0,
InetAddress.getLoopbackAddress());
17 socket.setReuseAddress(true);
18 return socket;
19 }
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
