You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tuscany.apache.org by "Greg Dritschler (JIRA)" <de...@tuscany.apache.org> on 2009/05/29 01:03:45 UTC
[jira] Created: (TUSCANY-3065) Double use exposure in
JAXBDataSource
Double use exposure in JAXBDataSource
-------------------------------------
Key: TUSCANY-3065
URL: https://issues.apache.org/jira/browse/TUSCANY-3065
Project: Tuscany
Issue Type: Bug
Components: Java SCA Data Binding Runtime
Reporter: Greg Dritschler
There is a potential double use of a Marshaller object in org.apache.tuscany.sca.databinding.jaxb.axiom.JAXBDataSource.
The following code gets a marshaller from an underlying pool and then caches it.
private Marshaller getMarshaller() throws JAXBException {
if (marshaller == null) {
// For thread safety, not sure we can cache the marshaller
marshaller = JAXBContextHelper.getMarshaller(context);
}
return marshaller;
}
The code which calls this method also releases the Marshaller back to the pool. For example:
public void serialize(final OutputStream output, OMOutputFormat format) throws XMLStreamException {
try {
// marshaller.setProperty(Marshaller.JAXB_ENCODING, format.getCharSetEncoding());
AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
public Object run() throws Exception {
try {
Marshaller marshaller = getMarshaller();
marshaller.marshal(element, output);
} finally {
releaseMarshaller(marshaller);
}
return null;
}
});
} catch (PrivilegedActionException e) {
throw new XMLStreamException(e.getException());
}
}
So after this method runs, the member variable marshaller contains a reference to an element in the free pool. If another thread obtains that element, there is a potential of double use.
Proposed fix:
- Delete member variable marshaller.
- Change getMarshaller to just return the Marshaller obtained from JAXBContextHelper without saving it.
- Change all callers of getMarshaller/releaseMarshaller to use local variables. You'll note there's a local variable in the "try" paths, but then the "finally" paths use the member variable. Both the try and finally should use the same local variable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Commented: (TUSCANY-3065) Double use exposure in
JAXBDataSource
Posted by ant elder <an...@gmail.com>.
On Fri, May 29, 2009 at 2:12 AM, Scott Kurz (JIRA)
<de...@tuscany.apache.org> wrote:
> (I didn't have permissions to assign the JIRA to myself first though.)
>
I've just added your JIRA id to the Tuscany group so you should have
full access now.
...ant
[jira] Resolved: (TUSCANY-3065) Double use exposure in
JAXBDataSource
Posted by "Raymond Feng (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-3065?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Raymond Feng resolved TUSCANY-3065.
-----------------------------------
Resolution: Fixed
Fixed by Scott
> Double use exposure in JAXBDataSource
> -------------------------------------
>
> Key: TUSCANY-3065
> URL: https://issues.apache.org/jira/browse/TUSCANY-3065
> Project: Tuscany
> Issue Type: Bug
> Components: Java SCA Data Binding Runtime
> Reporter: Greg Dritschler
> Assignee: Raymond Feng
>
> There is a potential double use of a Marshaller object in org.apache.tuscany.sca.databinding.jaxb.axiom.JAXBDataSource.
> The following code gets a marshaller from an underlying pool and then caches it.
> private Marshaller getMarshaller() throws JAXBException {
> if (marshaller == null) {
> // For thread safety, not sure we can cache the marshaller
> marshaller = JAXBContextHelper.getMarshaller(context);
> }
> return marshaller;
> }
> The code which calls this method also releases the Marshaller back to the pool. For example:
> public void serialize(final OutputStream output, OMOutputFormat format) throws XMLStreamException {
> try {
> // marshaller.setProperty(Marshaller.JAXB_ENCODING, format.getCharSetEncoding());
> AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
> public Object run() throws Exception {
> try {
> Marshaller marshaller = getMarshaller();
> marshaller.marshal(element, output);
> } finally {
> releaseMarshaller(marshaller);
> }
> return null;
> }
> });
> } catch (PrivilegedActionException e) {
> throw new XMLStreamException(e.getException());
> }
> }
> So after this method runs, the member variable marshaller contains a reference to an element in the free pool. If another thread obtains that element, there is a potential of double use.
> Proposed fix:
> - Delete member variable marshaller.
> - Change getMarshaller to just return the Marshaller obtained from JAXBContextHelper without saving it.
> - Change all callers of getMarshaller/releaseMarshaller to use local variables. You'll note there's a local variable in the "try" paths, but then the "finally" paths use the member variable. Both the try and finally should use the same local variable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TUSCANY-3065) Double use exposure in
JAXBDataSource
Posted by "Scott Kurz (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-3065?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12714251#action_12714251 ]
Scott Kurz commented on TUSCANY-3065:
-------------------------------------
Thanks Greg for the detailed writeup. Made these changes and committed in r779808 in 1.x. (I didn't have permissions to assign the JIRA to myself first though.)
> Double use exposure in JAXBDataSource
> -------------------------------------
>
> Key: TUSCANY-3065
> URL: https://issues.apache.org/jira/browse/TUSCANY-3065
> Project: Tuscany
> Issue Type: Bug
> Components: Java SCA Data Binding Runtime
> Reporter: Greg Dritschler
>
> There is a potential double use of a Marshaller object in org.apache.tuscany.sca.databinding.jaxb.axiom.JAXBDataSource.
> The following code gets a marshaller from an underlying pool and then caches it.
> private Marshaller getMarshaller() throws JAXBException {
> if (marshaller == null) {
> // For thread safety, not sure we can cache the marshaller
> marshaller = JAXBContextHelper.getMarshaller(context);
> }
> return marshaller;
> }
> The code which calls this method also releases the Marshaller back to the pool. For example:
> public void serialize(final OutputStream output, OMOutputFormat format) throws XMLStreamException {
> try {
> // marshaller.setProperty(Marshaller.JAXB_ENCODING, format.getCharSetEncoding());
> AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
> public Object run() throws Exception {
> try {
> Marshaller marshaller = getMarshaller();
> marshaller.marshal(element, output);
> } finally {
> releaseMarshaller(marshaller);
> }
> return null;
> }
> });
> } catch (PrivilegedActionException e) {
> throw new XMLStreamException(e.getException());
> }
> }
> So after this method runs, the member variable marshaller contains a reference to an element in the free pool. If another thread obtains that element, there is a potential of double use.
> Proposed fix:
> - Delete member variable marshaller.
> - Change getMarshaller to just return the Marshaller obtained from JAXBContextHelper without saving it.
> - Change all callers of getMarshaller/releaseMarshaller to use local variables. You'll note there's a local variable in the "try" paths, but then the "finally" paths use the member variable. Both the try and finally should use the same local variable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (TUSCANY-3065) Double use exposure in
JAXBDataSource
Posted by "Raymond Feng (JIRA)" <de...@tuscany.apache.org>.
[ https://issues.apache.org/jira/browse/TUSCANY-3065?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Raymond Feng reassigned TUSCANY-3065:
-------------------------------------
Assignee: Raymond Feng
> Double use exposure in JAXBDataSource
> -------------------------------------
>
> Key: TUSCANY-3065
> URL: https://issues.apache.org/jira/browse/TUSCANY-3065
> Project: Tuscany
> Issue Type: Bug
> Components: Java SCA Data Binding Runtime
> Reporter: Greg Dritschler
> Assignee: Raymond Feng
>
> There is a potential double use of a Marshaller object in org.apache.tuscany.sca.databinding.jaxb.axiom.JAXBDataSource.
> The following code gets a marshaller from an underlying pool and then caches it.
> private Marshaller getMarshaller() throws JAXBException {
> if (marshaller == null) {
> // For thread safety, not sure we can cache the marshaller
> marshaller = JAXBContextHelper.getMarshaller(context);
> }
> return marshaller;
> }
> The code which calls this method also releases the Marshaller back to the pool. For example:
> public void serialize(final OutputStream output, OMOutputFormat format) throws XMLStreamException {
> try {
> // marshaller.setProperty(Marshaller.JAXB_ENCODING, format.getCharSetEncoding());
> AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
> public Object run() throws Exception {
> try {
> Marshaller marshaller = getMarshaller();
> marshaller.marshal(element, output);
> } finally {
> releaseMarshaller(marshaller);
> }
> return null;
> }
> });
> } catch (PrivilegedActionException e) {
> throw new XMLStreamException(e.getException());
> }
> }
> So after this method runs, the member variable marshaller contains a reference to an element in the free pool. If another thread obtains that element, there is a potential of double use.
> Proposed fix:
> - Delete member variable marshaller.
> - Change getMarshaller to just return the Marshaller obtained from JAXBContextHelper without saving it.
> - Change all callers of getMarshaller/releaseMarshaller to use local variables. You'll note there's a local variable in the "try" paths, but then the "finally" paths use the member variable. Both the try and finally should use the same local variable.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.