Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-924

Coverity static analysis: Resource leak in LdapSecurityRealm (Elytron)

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 1.1.0.Beta23
    • 1.1.0.Beta21
    • None
    • None

      Coverity static-analysis scan found resource leak in LdapSecurityRealm.getIdentity().

      It has to be in try-with-resources, because Stream<LdapIdentity> has registered close handler, where NamingEnumeration.close() is called. Looking into one possible implementation http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/8u40-b25/com/sun/jndi/ldap/LdapNamingEnumeration.java#LdapNamingEnumeration It would be safer to call close() explicitelly.

      However chained stream statement is used in try, which cause 2 Stream objects to be created. But only one of them is closed. Stream created by ldapSearch.search(context) (with exlicitely registered close handler) is not closed.

      LdapSecurityRealm.java
      try (
Stream<LdapIdentity> identityStream = ldapSearch.search(context)
    .map(result -> new LdapIdentity(result.getNameInNamespace()))
     ) {
        LdapIdentity identity = identityStream.findFirst().orElse(null);

      https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=8553877&defectInstanceId=2139014&mergedDefectId=1397422

              rhn-support-ivassile Ilia Vassilev
              mchoma@redhat.com Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: