Eduardo Aguinaga created CASSANDRA-12549:
--------------------------------------------
Summary: Unreleased Resource: Streams
Key: CASSANDRA-12549
URL: https://issues.apache.org/jira/browse/CASSANDRA-12549
Project: Cassandra
Issue Type: Sub-task
Reporter: Eduardo Aguinaga
Overview:
In May through June of 2016 a static analysis was performed on version 3.0.5 of
the Cassandra source code. The analysis included an automated analysis using HP
Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The
results of that analysis includes the issue below.
Issue:
The function csQueryMetadata() in CloudstackSnitch.java sometimes fails to
release a system resource allocated by getInputStream() on line 141. Stream not
closed on exception.
The two lines of code within the finally block can throw exceptions. Code that
can throw an exception should not be in a finally block or the code within the
finally block should be isolated within its own try/catch.
{code:java}
CloudstackSnitch.java, lines 131-149:
131 try
132 {
133 conn.setRequestMethod("GET");
134 if (conn.getResponseCode() != 200)
135 {
136 throw new ConfigurationException("CloudstackSnitch was unable to
query metadata.");
137 }
138
139 int cl = conn.getContentLength();
140 byte[] b = new byte[cl];
141 is = new DataInputStream(new
BufferedInputStream(conn.getInputStream()));
142 is.readFully(b);
143 return new String(b, StandardCharsets.UTF_8);
144 }
145 finally
146 {
147 FileUtils.close(is);
148 conn.disconnect();
149 }
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
