|
Re: Security scan issues [message #1396718 is a reply to message #1396279] |
Tue, 08 July 2014 17:28 |
Ed Merks Messages: 33142 Registered: July 2009 |
Senior Member |
|
|
These EMF warnings are all bogus, i.e., shortcomings in the flow analysis.
On 08/07/2014 4:09 PM, Mahesh Srikrishnan wrote:
> Hi,
>
> We are using eclipse emf bundles inside our projects as dependencies and we did a security scan internally (Internal Scan process) along with the eclipse bundles and we found the following issues.
>
> ArchiveURLConnection.java
>
> Unreleased Resource: Files (Code Quality, Control Flow)
>
> The function getInputStream() in ArchiveURLConnection.java sometimes fails to release a file handle allocated by ZipFile() on line 233.
>
> ResourceImpl.java
>
> The function saveOnlyIfChangedWithMemoryBuffer() in ResourceImpl.java sometimes fails to release a system resource allocated by getUnderlyingInputStream() on line 1141.
>
> The function load() in ResourceImpl.java sometimes fails to release a system resource allocated by getUnderlyingInputStream() on line 1488.
>
> URIHandlerImpl.java
> The function contentDescription() in URIHandlerImpl.java sometimes fails to release a system resource allocated by createInputStream() on line 245.
>
> WSDLReaderImpl.java
> The function readWSDL() in WSDLReaderImpl.java sometimes fails to release a system resource allocated by getByteStream() on line 193.
>
>
> Can anyone please help us here in finding that these are known issues? or is there any mitigation plan" or we have to do something from our application for this?.
>
> Thanks in advance.
>
> Regards,
> Mahesh
Ed Merks
Professional Support: https://www.macromodeling.com/
|
|
|
Powered by
FUDForum. Page generated in 0.03368 seconds