[ 
https://issues.apache.org/jira/browse/IMAGING-232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16887663#comment-16887663
 ] 

Bruno P. Kinoshita commented on IMAGING-232:
--------------------------------------------

Hi [~gopal008], unfortunately I am not able to reproduce this.

You created this issue 6 days ago. The last modification in XpmImageParser is 
from May 16th this year.

And the line 86 you mentioned appears to be something else: 
[https://github.com/apache/commons-imaging/blob/e6893414a699a5f2480f2d18dc9bc9e21a0cf15d/src/main/java/org/apache/commons/imaging/formats/xpm/XpmImageParser.java#L86]

That change to use try-with-resources on all the streams was introduced in 
2016: 
[https://github.com/apache/commons-imaging/commit/114cd8507f6bcc26d4b56bd53c88cd17ee31afbf#diff-f295ab2d366c58ffead715f1e97911da]

So I suspect you used an invalid version with your scanner.

Feel free to re-open in case this issue persists and you are able to point what 
version on master or on the last release tag has the issue. But please be aware 
that there is a [guideline for issues regarding 
securities|https://commons.apache.org/security.html]

Bruno

 

> Close resources in XpmImageParser.java
> --------------------------------------
>
>                 Key: IMAGING-232
>                 URL: https://issues.apache.org/jira/browse/IMAGING-232
>             Project: Commons Imaging
>          Issue Type: Bug
>          Components: imaging.common.*
>    Affects Versions: 1.0-alpha1
>            Reporter: Gopal Rao
>            Priority: Minor
>
> We use Veracode as the security tool to scan vulnerabilities in our 
> organization. Veracode  raised an issue with improper closing of the buffered 
> reader. The class is XpmImageParser.java. The line number is 86. This refers 
> to the buffered reader. Can you please close this resource ?
> h1.  



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

Reply via email to