This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new b67ad23 Fix a potential resource leak
b67ad23 is described below
commit b67ad23f33021870875e8d61c88ed379ba91085f
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Wed Apr 17 12:37:36 2019 +0100
Fix a potential resource leak
---
java/org/apache/catalina/servlets/CGIServlet.java | 84 +++++++++++------------
webapps/docs/changelog.xml | 10 ++-
2 files changed, 50 insertions(+), 44 deletions(-)
diff --git a/java/org/apache/catalina/servlets/CGIServlet.java
b/java/org/apache/catalina/servlets/CGIServlet.java
index 58a6fdc..e64f66b 100644
--- a/java/org/apache/catalina/servlets/CGIServlet.java
+++ b/java/org/apache/catalina/servlets/CGIServlet.java
@@ -1203,59 +1203,57 @@ public final class CGIServlet extends HttpServlet {
return;
}
- File f = new File(destPath.toString());
- if (f.exists()) {
- try {
- is.close();
- } catch (IOException e) {
- log.warn(sm.getString("cgiServlet.expandCloseFail",
srcPath), e);
+ try {
+ File f = new File(destPath.toString());
+ if (f.exists()) {
+ // Don't need to expand if it already exists
+ return;
}
- // Don't need to expand if it already exists
- return;
- }
- // create directories
- File dir = f.getParentFile();
- if (!dir.mkdirs() && !dir.isDirectory()) {
- log.warn(sm.getString("cgiServlet.expandCreateDirFail",
dir.getAbsolutePath()));
- return;
- }
+ // create directories
+ File dir = f.getParentFile();
+ if (!dir.mkdirs() && !dir.isDirectory()) {
+ log.warn(sm.getString("cgiServlet.expandCreateDirFail",
dir.getAbsolutePath()));
+ return;
+ }
- try {
- synchronized (expandFileLock) {
- // make sure file doesn't exist
- if (f.exists()) {
- return;
- }
+ try {
+ synchronized (expandFileLock) {
+ // make sure file doesn't exist
+ if (f.exists()) {
+ return;
+ }
- // create file
- if (!f.createNewFile()) {
- return;
- }
- FileOutputStream fos = new FileOutputStream(f);
+ // create file
+ if (!f.createNewFile()) {
+ return;
+ }
+ FileOutputStream fos = new FileOutputStream(f);
- try {
- // copy data
- IOTools.flow(is, fos);
- } finally {
try {
- is.close();
- } catch (IOException e) {
- log.warn(sm.getString("cgiServlet.expandError"),
e);
+ // copy data
+ IOTools.flow(is, fos);
+ } finally {
+ fos.close();
+ }
+ if (log.isDebugEnabled()) {
+ log.debug(sm.getString("cgiServlet.expandOk",
srcPath, destPath));
}
- fos.close();
}
- if (log.isDebugEnabled()) {
- log.debug(sm.getString("cgiServlet.expandOk", srcPath,
destPath));
+ } catch (IOException ioe) {
+ log.warn(sm.getString("cgiServlet.expandFail", srcPath,
destPath), ioe);
+ // delete in case file is corrupted
+ if (f.exists()) {
+ if (!f.delete()) {
+
log.warn(sm.getString("cgiServlet.expandDeleteFail", f.getAbsolutePath()));
+ }
}
}
- } catch (IOException ioe) {
- log.warn(sm.getString("cgiServlet.expandFail", srcPath,
destPath), ioe);
- // delete in case file is corrupted
- if (f.exists()) {
- if (!f.delete()) {
- log.warn(sm.getString("cgiServlet.expandDeleteFail",
f.getAbsolutePath()));
- }
+ } finally {
+ try {
+ is.close();
+ } catch (IOException e) {
+ log.warn(sm.getString("cgiServlet.expandCloseFail",
srcPath), e);
}
}
}
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 4b5fbcc..f39a2e3 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -55,10 +55,18 @@
There is no ordering by add/update/fix.
Other fixed issues are added to the end of the list, chronologically.
- They eventually become mixed with the numbered issues. (I.e., numbered
+ They eventually become mixed with the numbered issues (i.e., numbered
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 7.0.95 (violetagg)">
+ <subsection name="Catalina">
+ <changelog>
+ <fix>
+ Fix a potential resource leak when executing CGI scripts from a WAR
+ file. Identified by Coverity scan. (markt)
+ </fix>
+ </changelog>
+ </subsection>
</section>
<section name="Tomcat 7.0.94 (markt)" rtext="released 2019-04-12">
<subsection name="Catalina">
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
