Eduardo Aguinaga created CASSANDRA-12549: --------------------------------------------
Summary: Unreleased Resource: Streams Key: CASSANDRA-12549 URL: https://issues.apache.org/jira/browse/CASSANDRA-12549 Project: Cassandra Issue Type: Sub-task Reporter: Eduardo Aguinaga Overview: In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis includes the issue below. Issue: The function csQueryMetadata() in CloudstackSnitch.java sometimes fails to release a system resource allocated by getInputStream() on line 141. Stream not closed on exception. The two lines of code within the finally block can throw exceptions. Code that can throw an exception should not be in a finally block or the code within the finally block should be isolated within its own try/catch. {code:java} CloudstackSnitch.java, lines 131-149: 131 try 132 { 133 conn.setRequestMethod("GET"); 134 if (conn.getResponseCode() != 200) 135 { 136 throw new ConfigurationException("CloudstackSnitch was unable to query metadata."); 137 } 138 139 int cl = conn.getContentLength(); 140 byte[] b = new byte[cl]; 141 is = new DataInputStream(new BufferedInputStream(conn.getInputStream())); 142 is.readFully(b); 143 return new String(b, StandardCharsets.UTF_8); 144 } 145 finally 146 { 147 FileUtils.close(is); 148 conn.disconnect(); 149 } {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)