From 226dd3a5e589ad8269585a0767819619166eebf4 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Fri, 20 Feb 2015 03:00:26 +0100 Subject: [PATCH] Fix: exceptional resource leaks from coverty --- .../gigi/database/DatabaseConnection.java | 36 +++--- .../cacert/gigi/dbObjects/Certificate.java | 6 +- src/org/cacert/gigi/email/Sendmail.java | 117 +++++++++--------- src/org/cacert/gigi/util/DNSUtil.java | 13 +- 4 files changed, 89 insertions(+), 83 deletions(-) diff --git a/src/org/cacert/gigi/database/DatabaseConnection.java b/src/org/cacert/gigi/database/DatabaseConnection.java index ef9b19cc..eac822bd 100644 --- a/src/org/cacert/gigi/database/DatabaseConnection.java +++ b/src/org/cacert/gigi/database/DatabaseConnection.java @@ -41,10 +41,13 @@ public class DatabaseConnection { try { c = DriverManager.getConnection(credentials.getProperty("sql.url") + "?zeroDateTimeBehavior=convertToNull", credentials.getProperty("sql.user"), credentials.getProperty("sql.password")); PreparedStatement ps = c.prepareStatement("SET SESSION wait_timeout=?, time_zone='+0:00';"); - ps.setInt(1, CONNECTION_TIMEOUT); - ps.execute(); - ps.close(); - adHoc = c.createStatement(); + try { + ps.setInt(1, CONNECTION_TIMEOUT); + ps.execute(); + adHoc = c.createStatement(); + } finally { + ps.close(); + } } catch (SQLException e) { e.printStackTrace(); } @@ -119,20 +122,23 @@ public class DatabaseConnection { private static void upgrade(int version) { try { Statement s = getInstance().c.createStatement(); - while (version < CURRENT_SCHEMA_VERSION) { - try (InputStream resourceAsStream = DatabaseConnection.class.getResourceAsStream("upgrade/from_" + version + ".sql")) { - if (resourceAsStream == null) { - throw new Error("Upgrade script from version " + version + " was not found."); + try { + while (version < CURRENT_SCHEMA_VERSION) { + try (InputStream resourceAsStream = DatabaseConnection.class.getResourceAsStream("upgrade/from_" + version + ".sql")) { + if (resourceAsStream == null) { + throw new Error("Upgrade script from version " + version + " was not found."); + } + SQLFileManager.addFile(s, resourceAsStream, ImportType.PRODUCTION); } - SQLFileManager.addFile(s, resourceAsStream, ImportType.PRODUCTION); + version++; } - version++; + s.addBatch("INSERT INTO schemeVersion SET version='" + version + "'"); + System.out.println("UPGRADING Database to version " + version); + s.executeBatch(); + System.out.println("done."); + } finally { + s.close(); } - s.addBatch("INSERT INTO schemeVersion SET version='" + version + "'"); - System.out.println("UPGRADING Database to version " + version); - s.executeBatch(); - System.out.println("done."); - s.close(); } catch (SQLException e) { e.printStackTrace(); } catch (IOException e) { diff --git a/src/org/cacert/gigi/dbObjects/Certificate.java b/src/org/cacert/gigi/dbObjects/Certificate.java index affb1719..c0fb6285 100644 --- a/src/org/cacert/gigi/dbObjects/Certificate.java +++ b/src/org/cacert/gigi/dbObjects/Certificate.java @@ -273,9 +273,9 @@ public class Certificate { } File csrFile = KeyStorage.locateCsr(id); csrName = csrFile.getPath(); - FileOutputStream fos = new FileOutputStream(csrFile); - fos.write(csr.getBytes("UTF-8")); - fos.close(); + try (FileOutputStream fos = new FileOutputStream(csrFile)) { + fos.write(csr.getBytes("UTF-8")); + } GigiPreparedStatement updater = DatabaseConnection.getInstance().prepare("UPDATE certs SET csr_name=? WHERE id=?"); updater.setString(1, csrName); diff --git a/src/org/cacert/gigi/email/Sendmail.java b/src/org/cacert/gigi/email/Sendmail.java index 2c8958cb..3c915ab9 100644 --- a/src/org/cacert/gigi/email/Sendmail.java +++ b/src/org/cacert/gigi/email/Sendmail.java @@ -26,72 +26,69 @@ public class Sendmail extends EmailProvider { String[] bits = from.split(","); - Socket smtp = new Socket("localhost", 25); - PrintWriter out = new PrintWriter(smtp.getOutputStream()); - BufferedReader in = new BufferedReader(new InputStreamReader(smtp.getInputStream(), "UTF-8")); - readSMTPResponse(in, 220); - out.print("HELO www.cacert.org\r\n"); - out.flush(); - readSMTPResponse(in, 250); - out.print("MAIL FROM:\r\n"); - out.flush(); - readSMTPResponse(in, 250); - bits = to.split(","); - for (String user : bits) { - out.print("RCPT TO:<" + user.trim() + ">\r\n"); + try (Socket smtp = new Socket("localhost", 25); PrintWriter out = new PrintWriter(smtp.getOutputStream()); BufferedReader in = new BufferedReader(new InputStreamReader(smtp.getInputStream(), "UTF-8"));) { + readSMTPResponse(in, 220); + out.print("HELO www.cacert.org\r\n"); out.flush(); readSMTPResponse(in, 250); - } - out.print("DATA\r\n"); - out.flush(); - readSMTPResponse(in, 250); - out.print("X-Mailer: CAcert.org Website\r\n"); - // if (array_key_exists("REMOTE_ADDR", $_SERVER)) { - // out.print("X-OriginatingIP: ".$_SERVER["REMOTE_ADDR"]."\r\n"); - // } - // TODO - SimpleDateFormat emailDate = new SimpleDateFormat("E, d MMM yyyy HH:mm:ss ZZZZ (z)", Locale.ENGLISH); - out.print("Date: " + emailDate.format(new Date(System.currentTimeMillis())) + "\r\n"); - if (errorsto != null) { - out.print("Sender: " + errorsto + "\r\n"); - out.print("Errors-To: " + errorsto + "\r\n"); - } - if (replyto != null) { - out.print("Reply-To: " + replyto + "\r\n"); - } else { - out.print("Reply-To: " + from + "\r\n"); - } - out.print("From: support@" + ServerConstants.getWwwHostName().replaceAll("^www.", "") + "\r\n"); - out.print("To: " + to + "\r\n"); - if (NON_ASCII.matcher(subject).matches()) { + out.print("MAIL FROM:\r\n"); + out.flush(); + readSMTPResponse(in, 250); + bits = to.split(","); + for (String user : bits) { + out.print("RCPT TO:<" + user.trim() + ">\r\n"); + out.flush(); + readSMTPResponse(in, 250); + } + out.print("DATA\r\n"); + out.flush(); + readSMTPResponse(in, 250); + out.print("X-Mailer: CAcert.org Website\r\n"); + // if (array_key_exists("REMOTE_ADDR", $_SERVER)) { + // out.print("X-OriginatingIP: ".$_SERVER["REMOTE_ADDR"]."\r\n"); + // } + // TODO + SimpleDateFormat emailDate = new SimpleDateFormat("E, d MMM yyyy HH:mm:ss ZZZZ (z)", Locale.ENGLISH); + out.print("Date: " + emailDate.format(new Date(System.currentTimeMillis())) + "\r\n"); + if (errorsto != null) { + out.print("Sender: " + errorsto + "\r\n"); + out.print("Errors-To: " + errorsto + "\r\n"); + } + if (replyto != null) { + out.print("Reply-To: " + replyto + "\r\n"); + } else { + out.print("Reply-To: " + from + "\r\n"); + } + out.print("From: support@" + ServerConstants.getWwwHostName().replaceAll("^www.", "") + "\r\n"); + out.print("To: " + to + "\r\n"); + if (NON_ASCII.matcher(subject).matches()) { - out.print("Subject: =?utf-8?B?" + Base64.getEncoder().encodeToString(subject.getBytes("UTF-8")) + "?=\r\n"); - } else { - out.print("Subject: " + subject + "\r\n"); - } - StringBuffer headers = new StringBuffer(); - headers.append("Content-Type: text/plain; charset=\"utf-8\"\r\n"); - headers.append("Content-Transfer-Encoding: base64\r\n"); - // out.print(chunk_split(base64_encode(recode("html..utf-8", - // $message)))."\r\n.\r\n"); - headers.append("\r\n"); - headers.append(Base64.getEncoder().encodeToString(message.getBytes("UTF-8")).replaceAll("(.{64})(?=.)", "$1\r\n")); - headers.append("\r\n"); + out.print("Subject: =?utf-8?B?" + Base64.getEncoder().encodeToString(subject.getBytes("UTF-8")) + "?=\r\n"); + } else { + out.print("Subject: " + subject + "\r\n"); + } + StringBuffer headers = new StringBuffer(); + headers.append("Content-Type: text/plain; charset=\"utf-8\"\r\n"); + headers.append("Content-Transfer-Encoding: base64\r\n"); + // out.print(chunk_split(base64_encode(recode("html..utf-8", + // $message)))."\r\n.\r\n"); + headers.append("\r\n"); + headers.append(Base64.getEncoder().encodeToString(message.getBytes("UTF-8")).replaceAll("(.{64})(?=.)", "$1\r\n")); + headers.append("\r\n"); - try { - sendSigned(headers.toString(), out); - out.print("\r\n.\r\n"); + try { + sendSigned(headers.toString(), out); + out.print("\r\n.\r\n"); + out.flush(); + } catch (GeneralSecurityException e) { + e.printStackTrace(); + return; + } + readSMTPResponse(in, 250); + out.print("QUIT\n"); out.flush(); - } catch (GeneralSecurityException e) { - e.printStackTrace(); - smtp.close(); - return; + readSMTPResponse(in, 221); } - readSMTPResponse(in, 250); - out.print("QUIT\n"); - out.flush(); - readSMTPResponse(in, 221); - smtp.close(); } public static boolean readSMTPResponse(BufferedReader in, int code) throws IOException { diff --git a/src/org/cacert/gigi/util/DNSUtil.java b/src/org/cacert/gigi/util/DNSUtil.java index 7ebbf83d..f1d5f9f3 100644 --- a/src/org/cacert/gigi/util/DNSUtil.java +++ b/src/org/cacert/gigi/util/DNSUtil.java @@ -36,13 +36,16 @@ public class DNSUtil { env.put(Context.AUTHORITATIVE, "true"); env.put(Context.PROVIDER_URL, "dns://" + server); InitialDirContext context = new InitialDirContext(env); + try { - Attributes dnsLookup = context.getAttributes(name, new String[] { - "TXT" - }); - context.close(); + Attributes dnsLookup = context.getAttributes(name, new String[] { + "TXT" + }); + return extractTextEntries(dnsLookup.get("TXT")); + } finally { + context.close(); + } - return extractTextEntries(dnsLookup.get("TXT")); } private static String[] extractTextEntries(Attribute nsRecords) throws NamingException { -- 2.39.2