You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by kk...@apache.org on 2013/01/05 01:38:08 UTC
svn commit: r1429173 -
/tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java
Author: kkolinko
Date: Sat Jan 5 00:38:08 2013
New Revision: 1429173
URL: http://svn.apache.org/viewvc?rev=1429173&view=rev
Log:
When running with a SecurityManager, make sure that reference to a Servlet instance is removed from a static cache when its init() or destroy() methods fail.
Modified:
tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java
Modified: tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java?rev=1429173&r1=1429172&r2=1429173&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java Sat Jan 5 00:38:08 2013
@@ -1210,13 +1210,20 @@ public class StandardWrapper extends Con
servlet);
if( Globals.IS_SECURITY_ENABLED) {
-
- Object[] args = new Object[]{(facade)};
- SecurityUtil.doAsPrivilege("init",
- servlet,
- classType,
- args);
- args = null;
+ boolean success = false;
+ try {
+ Object[] args = new Object[] { facade };
+ SecurityUtil.doAsPrivilege("init",
+ servlet,
+ classType,
+ args);
+ success = true;
+ } finally {
+ if (!success) {
+ // destroy() will not be called, thus clear the reference now
+ SecurityUtil.remove(servlet);
+ }
+ }
} else {
servlet.init(facade);
}
@@ -1412,9 +1419,12 @@ public class StandardWrapper extends Con
(InstanceEvent.BEFORE_DESTROY_EVENT, instance);
if( Globals.IS_SECURITY_ENABLED) {
- SecurityUtil.doAsPrivilege("destroy",
- instance);
- SecurityUtil.remove(instance);
+ try {
+ SecurityUtil.doAsPrivilege("destroy",
+ instance);
+ } finally {
+ SecurityUtil.remove(instance);
+ }
} else {
instance.destroy();
}
@@ -1467,8 +1477,11 @@ public class StandardWrapper extends Con
while (!instancePool.isEmpty()) {
Servlet s = instancePool.pop();
if (Globals.IS_SECURITY_ENABLED) {
- SecurityUtil.doAsPrivilege("destroy", s);
- SecurityUtil.remove(instance);
+ try {
+ SecurityUtil.doAsPrivilege("destroy", s);
+ } finally {
+ SecurityUtil.remove(instance);
+ }
} else {
s.destroy();
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org