[
https://issues.apache.org/jira/browse/IMAGING-232?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16887663#comment-16887663
]
Bruno P. Kinoshita commented on IMAGING-232:
--------------------------------------------
Hi [~gopal008], unfortunately I am not able to reproduce this.
You created this issue 6 days ago. The last modification in XpmImageParser is
from May 16th this year.
And the line 86 you mentioned appears to be something else:
[https://github.com/apache/commons-imaging/blob/e6893414a699a5f2480f2d18dc9bc9e21a0cf15d/src/main/java/org/apache/commons/imaging/formats/xpm/XpmImageParser.java#L86]
That change to use try-with-resources on all the streams was introduced in
2016:
[https://github.com/apache/commons-imaging/commit/114cd8507f6bcc26d4b56bd53c88cd17ee31afbf#diff-f295ab2d366c58ffead715f1e97911da]
So I suspect you used an invalid version with your scanner.
Feel free to re-open in case this issue persists and you are able to point what
version on master or on the last release tag has the issue. But please be aware
that there is a [guideline for issues regarding
securities|https://commons.apache.org/security.html]
Bruno
> Close resources in XpmImageParser.java
> --------------------------------------
>
> Key: IMAGING-232
> URL: https://issues.apache.org/jira/browse/IMAGING-232
> Project: Commons Imaging
> Issue Type: Bug
> Components: imaging.common.*
> Affects Versions: 1.0-alpha1
> Reporter: Gopal Rao
> Priority: Minor
>
> We use Veracode as the security tool to scan vulnerabilities in our
> organization. Veracode raised an issue with improper closing of the buffered
> reader. The class is XpmImageParser.java. The line number is 86. This refers
> to the buffered reader. Can you please close this resource ?
> h1.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
