[commons-configuration] 08/12: Fix JDBC prepared statements leak in org.apache.commons.configuration2.DatabaseConfiguration.clearPropertyDirect(String). Fix JDBC prepared statements leak in org.apache.commons.configuration2.DatabaseConfiguration.clearPropertyDirect(String).

Sat, 25 Mar 2023 14:36:37 -0700 

This is an automated email from the ASF dual-hosted git repository.

ggregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-configuration.git

commit 4585d750ac9487bc56a3ffeea4e5d1343bbfd4a4
Author: Gary Gregory <garydgreg...@gmail.com>
AuthorDate: Sat Mar 25 17:09:36 2023 -0400

    Fix JDBC prepared statements leak in
    
org.apache.commons.configuration2.DatabaseConfiguration.clearPropertyDirect(String).
    Fix JDBC prepared statements leak in
    
org.apache.commons.configuration2.DatabaseConfiguration.clearPropertyDirect(String).
---
 src/changes/changes.xml                                               | 3 +++
 .../java/org/apache/commons/configuration2/DatabaseConfiguration.java | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index f329fd05..c6a52139 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -47,6 +47,9 @@
       <action type="fix" dev="ggregory" due-to="Gary Gregory">
         Avoid NullPointerException in 
org.apache.commons.configuration2.web.AppletConfiguration.getKeysInternal().
       </action>
+      <action type="fix" dev="ggregory" due-to="Gary Gregory">
+        Fix JDBC prepared statements leak in 
org.apache.commons.configuration2.DatabaseConfiguration.clearPropertyDirect(String).
+      </action>
       <!-- UPDATE -->
       <action type="update" dev="ggregory" due-to="Gary Gregory, Dependabot">
         Bump actions/checkout from 3 to 3.1.0 #224.
diff --git 
a/src/main/java/org/apache/commons/configuration2/DatabaseConfiguration.java 
b/src/main/java/org/apache/commons/configuration2/DatabaseConfiguration.java
index 5d3bcc28..1df35c7d 100644
--- a/src/main/java/org/apache/commons/configuration2/DatabaseConfiguration.java
+++ b/src/main/java/org/apache/commons/configuration2/DatabaseConfiguration.java
@@ -448,7 +448,9 @@ public class DatabaseConfiguration extends 
AbstractConfiguration {
         new JdbcOperation<Void>(ConfigurationErrorEvent.WRITE, 
ConfigurationEvent.CLEAR, null, null) {
             @Override
             protected Void performOperation() throws SQLException {
-                initStatement(String.format(SQL_CLEAR, table), 
true).executeUpdate();
+                try (PreparedStatement statement = 
initStatement(String.format(SQL_CLEAR, table), true)) {
+                    statement.executeUpdate();
+                }
                 return null;
             }
         }.execute();

Reply via email to