[jira] [Resolved] (KNOX-603) Coverity: Potential resource leak in BaseKeystoreService.createKeystore

Wed, 30 Sep 2015 13:51:36 -0700 

     [ 
https://issues.apache.org/jira/browse/KNOX-603?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Kevin Minder resolved KNOX-603.
-------------------------------
    Resolution: Fixed

> Coverity: Potential resource leak in BaseKeystoreService.createKeystore
> -----------------------------------------------------------------------
>
>                 Key: KNOX-603
>                 URL: https://issues.apache.org/jira/browse/KNOX-603
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 0.6.0
>            Reporter: Kevin Minder
>            Assignee: Kevin Minder
>            Priority: Minor
>             Fix For: 0.7.0
>
>
> {code}
>  protected void createKeystore(String filename, String keystoreType) throws 
> KeystoreServiceException {
>  92    try {
>       1. alloc_fn: A new resource is returned from allocation method 
> createKeyStoreFile. [show details]
>       2. var_assign: Assigning: out = resource returned from 
> org.apache.hadoop.gateway.services.security.impl.BaseKeystoreService.createKeyStoreFile(filename).
>  93      FileOutputStream out = createKeyStoreFile( filename );
>  94      KeyStore ks = KeyStore.getInstance(keystoreType);  
>  95      ks.load( null, null );  
>       CID 1241742: Use of hard-coded password (HARDCODED_CREDENTIALS) [select 
> issue]
>       3. noescape: Resource out is not closed or saved in store.
>  96      ks.store( out, masterService.getMasterSecret() );
>       
> CID 1241679: Resource leak (RESOURCE_LEAK)
> 4. leaked_resource: Variable out going out of scope leaks the resource it 
> refers to.
>  97    } catch (KeyStoreException e) {
>  98      LOG.failedToCreateKeystore( filename, keystoreType, e );
>  99      throw new KeystoreServiceException(e);
> 100    } catch (NoSuchAlgorithmException e) {
> 101      LOG.failedToCreateKeystore( filename, keystoreType, e );
> 102      throw new KeystoreServiceException(e);
> 103    } catch (CertificateException e) {
> 104      LOG.failedToCreateKeystore( filename, keystoreType, e );
> 105      throw new KeystoreServiceException(e);
> 106    } catch (FileNotFoundException e) {
> 107      LOG.failedToCreateKeystore( filename, keystoreType, e );
> 108      throw new KeystoreServiceException(e);
> 109    } catch (IOException e) {
> 110      LOG.failedToCreateKeystore( filename, keystoreType, e );
> 111      throw new KeystoreServiceException(e);
> 112    }
> 113  }
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to