This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/10.1.x by this push:
new b0702119b6 Fix potential resource leaks
b0702119b6 is described below
commit b0702119b613b3f705e4e552e84d76ad3bcf236a
Author: Mark Thomas <[email protected]>
AuthorDate: Tue Jul 4 20:21:11 2023 +0100
Fix potential resource leaks
---
.../catalina/users/DataSourceUserDatabase.java | 58 +++++++++++-----------
webapps/docs/changelog.xml | 4 ++
2 files changed, 32 insertions(+), 30 deletions(-)
diff --git a/java/org/apache/catalina/users/DataSourceUserDatabase.java
b/java/org/apache/catalina/users/DataSourceUserDatabase.java
index 47a7a4a42e..d79082d758 100644
--- a/java/org/apache/catalina/users/DataSourceUserDatabase.java
+++ b/java/org/apache/catalina/users/DataSourceUserDatabase.java
@@ -465,27 +465,26 @@ public class DataSourceUserDatabase extends
SparseUserDatabase {
groups.putAll(createdGroups);
groups.putAll(modifiedGroups);
- Connection dbConnection = openConnection();
- if (dbConnection != null && preparedAllGroups != null) {
- try (PreparedStatement stmt =
dbConnection.prepareStatement(preparedAllGroups)) {
- try (ResultSet rs = stmt.executeQuery()) {
- while (rs.next()) {
- String groupName = rs.getString(1);
- if (groupName != null) {
- if (!groups.containsKey(groupName) &&
!removedGroups.containsKey(groupName)) {
- Group group =
findGroupInternal(dbConnection, groupName);
- if (group != null) {
- groups.put(groupName, group);
+ try (Connection dbConnection = openConnection()) {
+ if (dbConnection != null && preparedAllGroups != null) {
+ try (PreparedStatement stmt =
dbConnection.prepareStatement(preparedAllGroups)) {
+ try (ResultSet rs = stmt.executeQuery()) {
+ while (rs.next()) {
+ String groupName = rs.getString(1);
+ if (groupName != null) {
+ if (!groups.containsKey(groupName) &&
!removedGroups.containsKey(groupName)) {
+ Group group =
findGroupInternal(dbConnection, groupName);
+ if (group != null) {
+ groups.put(groupName, group);
+ }
}
}
}
}
}
- } catch (SQLException e) {
-
log.error(sm.getString("dataSourceUserDatabase.exception"), e);
- } finally {
- closeConnection(dbConnection);
}
+ } catch (SQLException e) {
+
log.error(sm.getString("dataSourceUserDatabase.exception"), e);
}
return groups.values().iterator();
} finally {
@@ -506,27 +505,26 @@ public class DataSourceUserDatabase extends
SparseUserDatabase {
roles.putAll(createdRoles);
roles.putAll(modifiedRoles);
- Connection dbConnection = openConnection();
- if (dbConnection != null && preparedAllRoles != null) {
- try (PreparedStatement stmt =
dbConnection.prepareStatement(preparedAllRoles)) {
- try (ResultSet rs = stmt.executeQuery()) {
- while (rs.next()) {
- String roleName = rs.getString(1);
- if (roleName != null) {
- if (!roles.containsKey(roleName) &&
!removedRoles.containsKey(roleName)) {
- Role role =
findRoleInternal(dbConnection, roleName);
- if (role != null) {
- roles.put(roleName, role);
+ try (Connection dbConnection = openConnection()) {
+ if (dbConnection != null && preparedAllRoles != null) {
+ try (PreparedStatement stmt =
dbConnection.prepareStatement(preparedAllRoles)) {
+ try (ResultSet rs = stmt.executeQuery()) {
+ while (rs.next()) {
+ String roleName = rs.getString(1);
+ if (roleName != null) {
+ if (!roles.containsKey(roleName) &&
!removedRoles.containsKey(roleName)) {
+ Role role =
findRoleInternal(dbConnection, roleName);
+ if (role != null) {
+ roles.put(roleName, role);
+ }
}
}
}
}
}
- } catch (SQLException e) {
-
log.error(sm.getString("dataSourceUserDatabase.exception"), e);
- } finally {
- closeConnection(dbConnection);
}
+ } catch (SQLException e) {
+
log.error(sm.getString("dataSourceUserDatabase.exception"), e);
}
return roles.values().iterator();
} finally {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 6987378381..81c6bc07e6 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -130,6 +130,10 @@
<code>webapp:</code>) and make the resource lookup API more visible.
(remm)
</update>
+ <fix>
+ Fix potential database connection leaks in
+ <code>DataSourceUserDatabase</code> identified by Coverity Scan.
(markt)
+ </fix>
</changelog>
</subsection>
<subsection name="Coyote">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
