You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Arunkumar M (JIRA)" <ji...@apache.org> on 2016/08/04 07:02:20 UTC
[jira] [Updated] (CASSANDRA-12331) Unreleased Resource: Sockets
[ https://issues.apache.org/jira/browse/CASSANDRA-12331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Arunkumar M updated CASSANDRA-12331:
------------------------------------
Attachment: 12331-3.0.txt
Patch attached
Github:
https://github.com/arun-mk/cassandra/commit/ab76c29a7a4e884f515b4438a3f8feb5877a95d6
> Unreleased Resource: Sockets
> ----------------------------
>
> Key: CASSANDRA-12331
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12331
> Project: Cassandra
> Issue Type: Sub-task
> Reporter: Eduardo Aguinaga
> Attachments: 12331-3.0.txt
>
>
> Overview:
> In May through June of 2016 a static analysis was performed on version 3.0.5 of the Cassandra source code. The analysis included an automated analysis using HP Fortify v4.21 SCA and a manual analysis utilizing SciTools Understand v4. The results of that analysis includes the issue below.
> Issue:
> Sockets are low level resources that must be explicitly released so subsequent callers will have access to previously used sockets. In the file RMIServerSocketFactoryImpl.java on lines 15-16 a socket is acquired and eventually returned to the caller on line 18.
> If an exception is thrown by the code on line 17 the socket acquired on lines 15-16 will not be released for subsequent reuse.
> RMIServerSocketFactoryImpl.java, lines 13-19:
> {code:java}
> 13 public ServerSocket createServerSocket(final int pPort) throws IOException
> 14 {
> 15 ServerSocket socket = ServerSocketFactory.getDefault()
> 16 .createServerSocket(pPort, 0, InetAddress.getLoopbackAddress());
> 17 socket.setReuseAddress(true);
> 18 return socket;
> 19 }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)