  1. OpenAM
  2. OPENAM-12219

Resource leak in MonitoringAdapters#getMonAuthList

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 12.0.4, 13.5.1, 14.0.0, 14.1.0, 14.1.1, 14.5.0, 14.5.1, 5.5.1, 6.0.0
    • Fix Version/s: 13.5.2, 6.0.0, 5.5.2
    • Component/s: monitoring
    • Labels:
      None
    • Needs backport:
      No
    • Support Ticket IDs:
    • Needs QA verification:
      No
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      No (add reasons in the comment)

      Description

      Bug description

      The BufferedReader/FileReader created in com.sun.identity.monitoring.MonitoringAdapters#getMonAuthList is never closed, leading to a resource leak. This was flagged as a potential security issue by a customer scan, but it is not exploitable for a DoS, as this code is only called once at startup and a user cannot influence the process, so at most it will only ever leak a single file descriptor.

      How to reproduce the issue

      Code quality bug, not directly reproducible.

      Code analysis

      A quick fix would be to move the following code into a try-with-resources statement:

      BufferedReader frdr = new BufferedReader(new FileReader(authFilePath));
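
The quick fix described above, shown as the leaky pattern beside its try-with-resources form. This is an added example, not OpenAM's code: the class name, the method names and the line-by-line read into a list are assumptions, since the body of getMonAuthList is not shown on this page.

```java
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class AuthListReaderExample {

    // Before: frdr is never closed, so its file descriptor stays open
    // for as long as the reader object remains uncollected.
    static List<String> readLeaky(String authFilePath) throws IOException {
        BufferedReader frdr = new BufferedReader(new FileReader(authFilePath));
        List<String> entries = new ArrayList<>();
        String line;
        while ((line = frdr.readLine()) != null) {
            entries.add(line);
        }
        return entries;
    }

    // After: try-with-resources closes both readers on normal return and
    // when readLine() throws. Declaring the FileReader as its own resource
    // means it is closed even if wrapping it fails.
    static List<String> readClosed(String authFilePath) throws IOException {
        try (FileReader in = new FileReader(authFilePath);
             BufferedReader frdr = new BufferedReader(in)) {
            List<String> entries = new ArrayList<>();
            String line;
            while ((line = frdr.readLine()) != null) {
                entries.add(line);
            }
            return entries;
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample file; the real file's format is not on the page.
        Path tmp = Files.createTempFile("authlist", ".txt");
        Files.write(tmp, Arrays.asList("entry-one", "entry-two"));
        System.out.println(readClosed(tmp.toString()));
        Files.delete(tmp);
    }
}
```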
      

       

            People

            • Assignee:
              neil.madden Neil Madden
              Reporter:
              neil.madden Neil Madden