Ted Yu created HADOOP-11014:
-------------------------------
Summary: Potential resource leak in JavaKeyStoreProvider due to
unclosed stream
Key: HADOOP-11014
URL: https://issues.apache.org/jira/browse/HADOOP-11014
Project: Hadoop Common
Issue Type: Bug
Reporter: Ted Yu
Priority: Minor
>From
>hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/crypto/key/JavaKeyStoreProvider.java
> :
{code}
private void writeToNew(Path newPath) throws IOException {
FSDataOutputStream out =
FileSystem.create(fs, newPath, permissions);
try {
keyStore.store(out, password);
} catch (KeyStoreException e) {
throw new IOException("Can't store keystore " + this, e);
} catch (NoSuchAlgorithmException e) {
throw new IOException(
"No such algorithm storing keystore " + this, e);
} catch (CertificateException e) {
throw new IOException(
"Certificate exception storing keystore " + this, e);
}
out.close();
{code}
IOException is not among the catch blocks.
According to
http://docs.oracle.com/javase/7/docs/api/java/security/KeyStore.html#store(java.io.OutputStream,%20char[]),
IOException may be thrown from the store() call. In that case, out would be
left unclosed.
In loadFromPath():
{code}
keyStore.load(fs.open(p), password);
{code}
The InputStream should be closed upon return from load()
--
This message was sent by Atlassian JIRA
(v6.2#6252)
