[jira] [Assigned] (CXF-9190) OpenScanHub static analysis findings: race conditions, resource leaks, and code defects

Freeman Yue Fang (Jira) Tue, 13 Jan 2026 04:39:13 -0800


     [ 
https://issues.apache.org/jira/browse/CXF-9190?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Freeman Yue Fang reassigned CXF-9190:
-------------------------------------

    Assignee: Freeman Yue Fang

> OpenScanHub static analysis findings: race conditions, resource leaks, and 
> code defects
> ---------------------------------------------------------------------------------------
>
>                 Key: CXF-9190
>                 URL: https://issues.apache.org/jira/browse/CXF-9190
>             Project: CXF
>          Issue Type: Bug
>    Affects Versions: 4.1.4
>            Reporter: Roman Stepaniuk
>            Assignee: Freeman Yue Fang
>            Priority: Major
>             Fix For: 4.2.0, 4.1.5, 4.0.11
>
>
> OpenScanHub detected multiple issues:
>   - *LOCK_EVASION*: Race conditions in ExtensionManagerBus, 
> AbstractContentEncryptionAlgorithm, CodeAuthSupplier
>   - *BAD_LOCK_OBJECT*: ClientImpl synchronizes on mutable field
>   - *MISSING_LOCK*: ServiceListGeneratorServlet bus initialization not 
> thread-safe
>   - *RESOURCE_LEAK*: Unclosed streams in core classes and samples
>   - *DEREFERENCE_BEFORE_CHECK*: Multiple getInputStream() calls in 
> AttachmentDeserializer
>   - *IDENTIFIER_TYPO*: JavaScript function name typo
>   - *NESTING_INDENT_MISMATCH*: Syntax error in DumpingClassLoaderCapturer



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (CXF-9190) OpenScanHub static analysis findings: race conditions, resource leaks, and code defects

Reply via email to