David Camilo Espitia Manrique created TRANSPORTS-55:
-------------------------------------------------------
Summary: Improper Resource Shutdown or Release in BaseUtils.java
246
Key: TRANSPORTS-55
URL: https://issues.apache.org/jira/browse/TRANSPORTS-55
Project: Axis2 Transports
Issue Type: Bug
Components: Base
Affects Versions: 1.0.0
Reporter: David Camilo Espitia Manrique
Fix For: 1.0.0
We are currently using "Axis2-transport-base 1.0.0 " and the veracode analysis
found a bug in this class "BaseUtils.java" line 246:
Type: Improper Resource Shutdown or Release
Description:
The application fails to release (or incorrectly releases) a system resource
before it is made available for re-use. This
condition often occurs with resources such as database connections or file
handles. Most unreleased resource issues
result in general software reliability problems, but if an attacker can
intentionally trigger a resource leak, it may be
possible to launch a denial of service attack by depleting the resource pool.
Recommendations:
When a resource is created or allocated, the developer is responsible for
properly releasing the resource as well as
accounting for all potential paths of expiration or invalidation. Ensure that
all code paths properly release resources
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
