-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
6714834: JarFile.getManifest() leaves an open InputStream as an undocumented side effect #186
Conversation
…umented side effect Reviewed-By:
👋 Welcome back jpai! A progress list of the required criteria for merging this PR into |
@jaikiran The following labels will be automatically applied to this pull request: When this pull request is ready to be reviewed, an RFR email will be sent to the corresponding mailing lists. If you would like to change these labels, use the |
Webrevs
|
man = new Manifest(super.getInputStream(manEntry), getName()); | ||
try (final InputStream is = super.getInputStream(manEntry)) { | ||
man = new Manifest(is, getName()); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is a cleaner so shouldn't have a leak, even if the JarFile is not explicitly closed.
The noisy "final" can be dropped, otherwise looks good.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for the review Alan. I've updated this PR to remove the final
. And yes as you note, this doesn't really leak. This change closes the InputStream earlier, as soon as it is done, instead of waiting for the Cleaner
to kick in.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hi Jaikiran,
This is not an area I know too well - so I won't review formally, but the proposed changes look reasonable to me. Closing the stream from within JarFile
after creating the manifest looks innocuous and should release any resource held by the stream earlier instead of waiting for the JarFile
to be closed. As long as the input stream close()
method is idem potent this should be safe, and AFAICS that is the case for the two input stream subclasses that can be returned by ZipFile::getInputStream
.
WRT to the claims in the JBS issue I see that that was logged against Java 6: there was no Cleanable
at this time and it is possible that the internals of ZipFile/JarFile were quite different.
Thank you for the review Daniel.
You are right. I hadn't paid attention to that detail. It's likely that it might have been behaving differently at that time. As for this:
I'm curious, in the context of this change, why idempotency would be a necessity. Would there be a "double close" somehow on this |
My bad - I hadn't realised closing the input stream would also remove it from the Cleanable resource set, so I thought it might be closed again when the jar file is closed. |
I think I understand what you meant. You were perhaps talking about the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am fine with this as well. I will pull over the change and just sanity check it via mach5 and then will sponsor
@jaikiran This change now passes all automated pre-integration checks. In addition to the automated checks, the change must also fulfill all project specific requirements After integration, the commit message will be:
Since the source branch of this PR was last updated there have been 24 commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid automatic rebasing, please merge As you do not have Committer status in this projectan existing Committer must agree to sponsor your change. Possible candidates are the reviewers of this PR (@dfuch, @LanceAndersen, @AlanBateman) but any other Committer may sponsor as well. ➡️ To flag this PR as ready for integration with the above commit message, type |
/sponsor |
@LanceAndersen The change author (@jaikiran) must issue an |
@jaikiran Please go ahead and integrate this and I can then sponsor (has to be done in that order) |
/integrate |
/sponsor |
@LanceAndersen @jaikiran Since your change was applied there have been 24 commits pushed to the
Your commit was automatically rebased without conflicts. Pushed as commit 671dfba. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
Can I please get a review and a sponsor for this patch which fixes the issue reported in https://bugs.openjdk.java.net/browse/JDK-6714834?
As noted by the reporter in that issue, when the
java.util.jar.JarFile.getManifest()
method is called, it internally calls the privategetManifestFromReference
. This private method implementation opens anInputStream
for passing it on to the constructor of theManifest
, but never closes it. The commit here fixes that part to use atry-with-resources
to close theInputStream
once theManifest
instance is created.This issue is only applicable when the
JarFile
is created withverify
asfalse
, which isn't the default.In that issue report, there's also a mention that this can lead to incorrect manifest files ending up in jar files:
I have gone through the code to see how this can happen and have also done some testing to see if this is possible. But my tests and the code haven't shown this as a possibilty. The
Manifest
doesn't store anyInputStream
once it's created nor does theJarFile
store that stream. Although theZipFile
, whichJarFile
extends from, does store these openedInputStreams
into aSet
, it only does it to close them as part of thejava.lang.ref.Cleaner
contract and from what I can see, none of these APIs return or use these storedInputStream
s for any other purpose. So I don't see how a leakingInputStream
can lead to a wrongManifest
ending up in a copy of aJarFile
. So the commit in this PR only addresses the leakingInputStream
.I haven't added any new tests to verify this fix because given the nature of this issue, I couldn't think of a consistent and determinstic way to verify it. I have however run the
jdk:tier1
tests locally which hasn't shown any related failures.Progress
Issue
Reviewers
Download
$ git fetch https://git.openjdk.java.net/jdk pull/186/head:pull/186
$ git checkout pull/186