This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch 7.0.x in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push: new ad47568 Fix potential resource leaks on exception paths ad47568 is described below commit ad475688da93bff59ae3661481b3bcf7d2d509a7 Author: Mark Thomas <ma...@apache.org> AuthorDate: Wed Apr 17 16:16:53 2019 +0100 Fix potential resource leaks on exception paths Identified by Coverity scan --- .../org/apache/catalina/realm/DataSourceRealm.java | 78 ++++++---------------- webapps/docs/changelog.xml | 4 ++ 2 files changed, 24 insertions(+), 58 deletions(-) diff --git a/java/org/apache/catalina/realm/DataSourceRealm.java b/java/org/apache/catalina/realm/DataSourceRealm.java index dc18275..97ddf07 100644 --- a/java/org/apache/catalina/realm/DataSourceRealm.java +++ b/java/org/apache/catalina/realm/DataSourceRealm.java @@ -445,31 +445,32 @@ public class DataSourceRealm } } + /** * Return the password associated with the given principal's user name. + * * @param dbConnection The database connection to be used * @param username Username for which password should be retrieved + * + * @return the password for the specified user */ - protected String getPassword(Connection dbConnection, - String username) { + protected String getPassword(Connection dbConnection, String username) { ResultSet rs = null; PreparedStatement stmt = null; String dbCredentials = null; try { - stmt = credentials(dbConnection, username); + stmt = dbConnection.prepareStatement(preparedCredentials); + stmt.setString(1, username); rs = stmt.executeQuery(); if (rs.next()) { dbCredentials = rs.getString(1); } return (dbCredentials != null) ? dbCredentials.trim() : null; - - } catch(SQLException e) { - containerLog.error( - sm.getString("dataSourceRealm.getPassword.exception", - username), e); + } catch (SQLException e) { + containerLog.error(sm.getString("dataSourceRealm.getPassword.exception", username), e); } finally { try { if (rs != null) { 
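Review bot: The `catch (SQLException e)` branch of getPassword passes `username` unmodified into the message logged by `containerLog.error(sm.getString("dataSourceRealm.getPassword.exception", username), e)`, and the getRoles hunks below do the same with `dataSourceRealm.getRoles.exception`. In a realm that value is presumably whatever the client submitted at login, so line breaks, control characters or a password typed into the wrong field reach the container log whenever the database call fails. I would neutralise CR/LF or log a bounded, escaped form of the name before formatting the message. At minimum, add a comment above the call such as `// username is client-supplied and is logged as received`. The finally block and the method's final return lie outside this hunk.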
@@ -530,13 +531,16 @@ public class DataSourceRealm } } + /** - * Return the roles associated with the given user name + * Return the roles associated with the given user name. + * * @param dbConnection The database connection to be used - * @param username Username for which roles should be retrieved + * @param username User name for which roles should be retrieved + * + * @return an array list of the role names */ - protected ArrayList<String> getRoles(Connection dbConnection, - String username) { + protected ArrayList<String> getRoles(Connection dbConnection, String username) { if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) { // Using an authentication only configuration and no role store has @@ -549,7 +553,8 @@ public class DataSourceRealm ArrayList<String> list = null; try { - stmt = roles(dbConnection, username); + stmt = dbConnection.prepareStatement(preparedRoles); + stmt.setString(1, username); rs = stmt.executeQuery(); list = new ArrayList<String>(); @@ -561,8 +566,7 @@ public class DataSourceRealm } return list; } catch(SQLException e) { - containerLog.error( - sm.getString("dataSourceRealm.getRoles.exception", username), e); + containerLog.error(sm.getString("dataSourceRealm.getRoles.exception", username), e); } finally { try { 
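Review bot: The new `@return an array list of the role names` on getRoles omits that the method can return `null`: once the `catch(SQLException e)` branch has logged, control falls through the finally block to the `return null;` shown in the next hunk. The early branch for an authentication-only configuration is cut off here, so its return value is not visible and may be null as well. I would document this, for example `@return the role names for the user, or {@code null} if the roles could not be read from the database`, so that callers handle a failed lookup deliberately rather than as a user with no roles. The method body continues past the end of this hunk.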
@@ -574,55 +578,13 @@ public class DataSourceRealm } } catch (SQLException e) { containerLog.error( - sm.getString("dataSourceRealm.getRoles.exception", - username), e); + sm.getString("dataSourceRealm.getRoles.exception", username), e); } } return null; } - /** - * Return a PreparedStatement configured to perform the SELECT required - * to retrieve user credentials for the specified username. - * - * @param dbConnection The database connection to be used - * @param username Username for which credentials should be retrieved - * - * @exception SQLException if a database error occurs - */ - private PreparedStatement credentials(Connection dbConnection, - String username) - throws SQLException { - - PreparedStatement credentials = - dbConnection.prepareStatement(preparedCredentials); - - credentials.setString(1, username); - return (credentials); - - } - - /** - * Return a PreparedStatement configured to perform the SELECT required - * to retrieve user roles for the specified username. - * - * @param dbConnection The database connection to be used - * @param username Username for which roles should be retrieved - * - * @exception SQLException if a database error occurs - */ - private PreparedStatement roles(Connection dbConnection, String username) - throws SQLException { - - PreparedStatement roles = - dbConnection.prepareStatement(preparedRoles); - - roles.setString(1, username); - return (roles); - - } - private boolean isRoleStoreDefined() { return userRoleTable != null || roleNameCol != null; diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index 907a9c9..accad91 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml 
@@ -73,6 +73,10 @@ Fix a potential concurrency issue in the main Sendfile thread of the APR connector. Identified by Coverity scan. (markt) </fix> + <fix> + Fix a potential resource leak on some exception paths in the + <code>DataSourceRealm</code>. Identified by Coverity scan. (markt) + </fix> </changelog> </subsection> </section> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org