StandardWrapper.java

kkolinko Fri, 04 Jan 2013 16:38:30 -0800

Author: kkolinko
Date: Sat Jan  5 00:38:08 2013
New Revision: 1429173

URL: http://svn.apache.org/viewvc?rev=1429173&view=rev
Log:
When running with a SecurityManager, make sure that reference to a Servlet 
instance is removed from a static cache when its init() or destroy() methods 
fail.


Modified:
    tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java

Modified: tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java?rev=1429173&r1=1429172&r2=1429173&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java (original)
+++ tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java Sat Jan  5 
00:38:08 2013
@@ -1210,13 +1210,20 @@ public class StandardWrapper extends Con
                                               servlet);
 
             if( Globals.IS_SECURITY_ENABLED) {
-
-                Object[] args = new Object[]{(facade)};
-                SecurityUtil.doAsPrivilege("init",
-                                           servlet,
-                                           classType,
-                                           args);
-                args = null;
+                boolean success = false;
+                try {
+                    Object[] args = new Object[] { facade };
+                    SecurityUtil.doAsPrivilege("init",
+                                               servlet,
+                                               classType,
+                                               args);
+                    success = true;
+                } finally {
+                    if (!success) {
+                        // destroy() will not be called, thus clear the 
reference now
+                        SecurityUtil.remove(servlet);
+                    }
+                }
             } else {
                 servlet.init(facade);
             }
@@ -1412,9 +1419,12 @@ public class StandardWrapper extends Con
                   (InstanceEvent.BEFORE_DESTROY_EVENT, instance);
 
                 if( Globals.IS_SECURITY_ENABLED) {
-                    SecurityUtil.doAsPrivilege("destroy",
-                                               instance);
-                    SecurityUtil.remove(instance);
+                    try {
+                        SecurityUtil.doAsPrivilege("destroy",
+                                                   instance);
+                    } finally {
+                        SecurityUtil.remove(instance);
+                    }
                 } else {
                     instance.destroy();
                 }
@@ -1467,8 +1477,11 @@ public class StandardWrapper extends Con
                 while (!instancePool.isEmpty()) {
                     Servlet s = instancePool.pop();
                     if (Globals.IS_SECURITY_ENABLED) {
-                        SecurityUtil.doAsPrivilege("destroy", s);
-                        SecurityUtil.remove(instance);
+                        try {
+                            SecurityUtil.doAsPrivilege("destroy", s);
+                        } finally {
+                            SecurityUtil.remove(instance);
+                        }
                     } else {
                         s.destroy();
                     }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1429173 - /tomcat/trunk/java/org/apache/catalina/core/StandardWrapper.java

Reply via email to