Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/04/17 15:23:16 UTC
[tomcat] branch 8.5.x updated: Fix potential resource leaks on
exception paths
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new d51e8c6 Fix potential resource leaks on exception paths
d51e8c6 is described below
commit d51e8c63795bf318b5b7999a60b89ca3ece243d4
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Apr 17 16:16:53 2019 +0100
Fix potential resource leaks on exception paths
Identified by Coverity scan
---
.../org/apache/catalina/realm/DataSourceRealm.java | 95 +++++++---------------
webapps/docs/changelog.xml | 4 +
2 files changed, 34 insertions(+), 65 deletions(-)
diff --git a/java/org/apache/catalina/realm/DataSourceRealm.java b/java/org/apache/catalina/realm/DataSourceRealm.java
index 0868241..a30fe26 100644
--- a/java/org/apache/catalina/realm/DataSourceRealm.java
+++ b/java/org/apache/catalina/realm/DataSourceRealm.java
@@ -429,29 +429,31 @@ public class DataSourceRealm extends RealmBase {
}
}
+
/**
* Return the password associated with the given principal's user name.
+ *
* @param dbConnection The database connection to be used
* @param username Username for which password should be retrieved
+ *
* @return the password for the specified user
*/
- protected String getPassword(Connection dbConnection,
- String username) {
+ protected String getPassword(Connection dbConnection, String username) {
String dbCredentials = null;
- try (PreparedStatement stmt = credentials(dbConnection, username);
- ResultSet rs = stmt.executeQuery()) {
- if (rs.next()) {
- dbCredentials = rs.getString(1);
- }
+ try (PreparedStatement stmt = dbConnection.prepareStatement(preparedCredentials)) {
+ stmt.setString(1, username);
- return (dbCredentials != null) ? dbCredentials.trim() : null;
+ try (ResultSet rs = stmt.executeQuery()) {
+ if (rs.next()) {
+ dbCredentials = rs.getString(1);
+ }
+ return (dbCredentials != null) ? dbCredentials.trim() : null;
+ }
} catch (SQLException e) {
- containerLog.error(
- sm.getString("dataSourceRealm.getPassword.exception",
- username), e);
+ containerLog.error(sm.getString("dataSourceRealm.getPassword.exception", username), e);
}
return null;
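Review bot: The Javadoc line `@return the password for the specified user` does not mention that this method returns null, which the new code does in two different cases: when the query yields no row or a null column, and when a SQLException is caught and logged. A caller cannot tell an unknown user from a database failure, so I would state it, e.g. `@return the password for the specified user, or {@code null} if the user is not found or a database error occurs`, so that null is always handled as a failed lookup. The same gap applies to getRoles in the following hunks, whose `@return an array list of the role names` also omits the null returned after the catch. The closing brace of getPassword lies outside this hunk.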
@@ -501,14 +503,16 @@ public class DataSourceRealm extends RealmBase {
}
}
+
/**
- * Return the roles associated with the given user name
+ * Return the roles associated with the given user name.
+ *
* @param dbConnection The database connection to be used
* @param username User name for which roles should be retrieved
+ *
* @return an array list of the role names
*/
- protected ArrayList<String> getRoles(Connection dbConnection,
- String username) {
+ protected ArrayList<String> getRoles(Connection dbConnection, String username) {
if (allRolesMode != AllRolesMode.STRICT_MODE && !isRoleStoreDefined()) {
// Using an authentication only configuration and no role store has
@@ -518,66 +522,27 @@ public class DataSourceRealm extends RealmBase {
ArrayList<String> list = null;
- try (PreparedStatement stmt = roles(dbConnection, username);
- ResultSet rs = stmt.executeQuery()) {
- list = new ArrayList<>();
+ try (PreparedStatement stmt = dbConnection.prepareStatement(preparedRoles)) {
+ stmt.setString(1, username);
- while (rs.next()) {
- String role = rs.getString(1);
- if (role != null) {
- list.add(role.trim());
+ try (ResultSet rs = stmt.executeQuery()) {
+ list = new ArrayList<>();
+
+ while (rs.next()) {
+ String role = rs.getString(1);
+ if (role != null) {
+ list.add(role.trim());
+ }
}
+ return list;
}
- return list;
} catch(SQLException e) {
- containerLog.error(
- sm.getString("dataSourceRealm.getRoles.exception", username), e);
+ containerLog.error(sm.getString("dataSourceRealm.getRoles.exception", username), e);
}
return null;
}
- /**
- * Return a PreparedStatement configured to perform the SELECT required
- * to retrieve user credentials for the specified username.
- *
- * @param dbConnection The database connection to be used
- * @param username User name for which credentials should be retrieved
- * @return the prepared statement
- * @exception SQLException if a database error occurs
- */
- private PreparedStatement credentials(Connection dbConnection,
- String username)
- throws SQLException {
-
- PreparedStatement credentials =
- dbConnection.prepareStatement(preparedCredentials);
-
- credentials.setString(1, username);
- return (credentials);
-
- }
-
- /**
- * Return a PreparedStatement configured to perform the SELECT required
- * to retrieve user roles for the specified username.
- *
- * @param dbConnection The database connection to be used
- * @param username User name for which roles should be retrieved
- * @return the prepared statement
- * @exception SQLException if a database error occurs
- */
- private PreparedStatement roles(Connection dbConnection, String username)
- throws SQLException {
-
- PreparedStatement roles =
- dbConnection.prepareStatement(preparedRoles);
-
- roles.setString(1, username);
- return (roles);
-
- }
-
private boolean isRoleStoreDefined() {
return userRoleTable != null || roleNameCol != null;
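Review bot: With `return list;` now inside the inner try-with-resources, the `ArrayList<String> list = null;` declaration kept at the top of this hunk no longer serves a purpose, because nothing after the try blocks reads it. Declaring it where it is filled, `ArrayList<String> list = new ArrayList<>();` as the first line of the `ResultSet` block, removes a nullable local and makes it plain that the only null return is the one after the catch. `catch(SQLException e)` could also take a space after `catch` to match getPassword. The start of getRoles is in the previous hunk.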
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index c843b0a..a417b9a 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -63,6 +63,10 @@
Fix a potential resource leak when running a web application from a WAR
file. Identified by Coverity scan. (markt)
</fix>
+ <fix>
+ Fix a potential resource leak on some exception paths in the
+ <code>DataSourceRealm</code>. Identified by Coverity scan. (markt)
+ </fix>
</changelog>
</subsection>
</section>