This is an automated email from the ASF dual-hosted git repository.
rmaucher pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new c81c9de1f4 Fix a few more CodeQL issues
c81c9de1f4 is described below
commit c81c9de1f4e7aad94a6ad2c88eb8a1312a14b6a2
Author: remm <[email protected]>
AuthorDate: Wed May 27 16:49:47 2026 +0200
Fix a few more CodeQL issues
On second review ...
Co authored with OpenCode.
---
java/org/apache/catalina/servlets/CGIServlet.java | 10 +++++++++-
java/org/apache/catalina/servlets/LocalStrings.properties | 1 +
.../apache/catalina/tribes/membership/McastServiceImpl.java | 2 +-
java/org/apache/tomcat/util/digester/Digester.java | 8 +++++---
java/org/apache/tomcat/util/modeler/LocalStrings.properties | 1 +
java/org/apache/tomcat/util/modeler/Registry.java | 3 +++
6 files changed, 20 insertions(+), 5 deletions(-)
diff --git a/java/org/apache/catalina/servlets/CGIServlet.java
b/java/org/apache/catalina/servlets/CGIServlet.java
index 0e860352c6..227584d75b 100644
--- a/java/org/apache/catalina/servlets/CGIServlet.java
+++ b/java/org/apache/catalina/servlets/CGIServlet.java
@@ -1401,7 +1401,7 @@ public final class CGIServlet extends HttpServlet {
Runtime rt;
BufferedReader cgiHeaderReader = null;
InputStream cgiOutput = null;
- BufferedReader commandsStdErr;
+ BufferedReader commandsStdErr = null;
Thread errReaderThread = null;
BufferedOutputStream commandsStdIn;
Process proc = null;
@@ -1531,6 +1531,14 @@ public final class CGIServlet extends HttpServlet {
log.warn(sm.getString("cgiServlet.runOutputStreamFail"), ioe);
}
}
+ // Close the error stream reader if used
+ if (commandsStdErr != null) {
+ try {
+ commandsStdErr.close();
+ } catch (IOException ioe) {
+
log.warn(sm.getString("cgiServlet.runStdErrReaderFail"), ioe);
+ }
+ }
// Make sure the error stream reader has finished
if (errReaderThread != null) {
try {
diff --git a/java/org/apache/catalina/servlets/LocalStrings.properties
b/java/org/apache/catalina/servlets/LocalStrings.properties
index 9060ddf340..2628a1e8e2 100644
--- a/java/org/apache/catalina/servlets/LocalStrings.properties
+++ b/java/org/apache/catalina/servlets/LocalStrings.properties
@@ -36,6 +36,7 @@ cgiServlet.runReaderInterrupt=Interrupted waiting for stderr
reader thread
cgiServlet.runStdErr=stderr line: [{0}]
cgiServlet.runStdErrCount=Received [{0}] lines on stderr
cgiServlet.runStdErrFail=I/O problems with stderr
+cgiServlet.runStdErrReaderFail=I/O problems closing stderr reader
defaultServlet.blockExternalEntity=Blocked access to external entity with
publicId [{0}] and systemId [{0}]
defaultServlet.blockExternalEntity2=Blocked access to external entity with
name [{0}], publicId [{1}], baseURI [{2}] and systemId [{3}]
diff --git a/java/org/apache/catalina/tribes/membership/McastServiceImpl.java
b/java/org/apache/catalina/tribes/membership/McastServiceImpl.java
index fde65f96c3..c5142e94a8 100644
--- a/java/org/apache/catalina/tribes/membership/McastServiceImpl.java
+++ b/java/org/apache/catalina/tribes/membership/McastServiceImpl.java
@@ -810,7 +810,7 @@ public class McastServiceImpl extends
MembershipProviderBase {
if (log.isInfoEnabled()) {
log.info(sm.getString("mcastServiceImpl.recovery"));
}
- if (stopService() & startService()) {
+ if (stopService() && startService()) {
success = true;
if (log.isInfoEnabled()) {
log.info(sm.getString("mcastServiceImpl.recovery.successful"));
diff --git a/java/org/apache/tomcat/util/digester/Digester.java
b/java/org/apache/tomcat/util/digester/Digester.java
index 46dac829e6..4155363bf1 100644
--- a/java/org/apache/tomcat/util/digester/Digester.java
+++ b/java/org/apache/tomcat/util/digester/Digester.java
@@ -1596,9 +1596,11 @@ public class Digester extends DefaultHandler2 {
*/
public Object parse(File file) throws IOException, SAXException {
configure();
- InputSource input = new InputSource(new FileInputStream(file));
- input.setSystemId("file://" + file.getAbsolutePath());
- getXMLReader().parse(input);
+ try (FileInputStream fis = new FileInputStream(file)) {
+ InputSource input = new InputSource(fis);
+ input.setSystemId("file://" + file.getAbsolutePath());
+ getXMLReader().parse(input);
+ }
return root;
}
diff --git a/java/org/apache/tomcat/util/modeler/LocalStrings.properties
b/java/org/apache/tomcat/util/modeler/LocalStrings.properties
index e040f5d871..ca56be535e 100644
--- a/java/org/apache/tomcat/util/modeler/LocalStrings.properties
+++ b/java/org/apache/tomcat/util/modeler/LocalStrings.properties
@@ -41,6 +41,7 @@ registry.cannotAccessRegistry=Guard object [{0}] does not
allow access to the re
registry.createdServer=Created MBeanServer
registry.existingServer=Using existing MBeanServer
registry.initError=Error initializing [{0}]
+registry.invalidArguments=Invalid arguments, bean and beanClass cannot both be
null
registry.invalidSource=Invalid source specified, must be either URL, File,
Class or InputStream
registry.loadError=Error loading descriptors from [{0}]
registry.noDisable=The MBean registry cannot be disabled because it has
already been initialised
diff --git a/java/org/apache/tomcat/util/modeler/Registry.java
b/java/org/apache/tomcat/util/modeler/Registry.java
index b0cf2ef2ec..7d9799dcdc 100644
--- a/java/org/apache/tomcat/util/modeler/Registry.java
+++ b/java/org/apache/tomcat/util/modeler/Registry.java
@@ -482,6 +482,9 @@ public class Registry implements RegistryMBean,
MBeanRegistration {
}
if (type == null) {
+ if (beanClass == null) {
+ throw new
IllegalArgumentException(sm.getString("registry.invalidArguments"));
+ }
type = beanClass.getName();
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
