[jira] [Created] (CXF-9190) OpenScanHub static analysis findings: race conditions, resource leaks, and code defects

Roman Stepaniuk (Jira) Fri, 12 Dec 2025 07:38:07 -0800

Roman Stepaniuk created CXF-9190:
------------------------------------

             Summary: OpenScanHub static analysis findings: race conditions, 
resource leaks, and code defects
                 Key: CXF-9190
                 URL: https://issues.apache.org/jira/browse/CXF-9190
             Project: CXF
          Issue Type: Bug
    Affects Versions: 4.1.4
            Reporter: Roman Stepaniuk



OpenScanHub detected multiple issues:

  - *LOCK_EVASION*: Race conditions in ExtensionManagerBus, 
AbstractContentEncryptionAlgorithm, CodeAuthSupplier
  - *BAD_LOCK_OBJECT*: ClientImpl synchronizes on mutable field
  - *MISSING_LOCK*: ServiceListGeneratorServlet bus initialization not 
thread-safe
  - *RESOURCE_LEAK*: Unclosed streams in core classes and samples
  - *DEREFERENCE_BEFORE_CHECK*: Multiple getInputStream() calls in 
AttachmentDeserializer
  - *IDENTIFIER_TYPO*: JavaScript function name typo
  - *NESTING_INDENT_MISMATCH*: Syntax error in DumpingClassLoaderCapturer




--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (CXF-9190) OpenScanHub static analysis findings: race conditions, resource leaks, and code defects

Reply via email to