JDK-8255559 : Leak File Descriptors Because of ResolverLocalFilesystem#engineResolveURI()
  • Type: Bug
  • Component: security-libs
  • Sub-Component: javax.xml.crypto
  • Affected Version: 8u261
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • Submitted: 2020-10-28
  • Updated: 2022-11-25
  • Resolved: 2020-11-11
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 11 JDK 16 JDK 8 Other
11.0.11-oracleFixed 16 b24Fixed 8u271Fixed openjdk8u362Fixed
Description
While validating XML signature, ResolverLocalFilesystem.engineResolveURI() opens a new Input Stream which is never closed leading to leakage in file descriptor.
When large number of files are validated, new file descriptor allocation might fail causing the application to fail.
Comments
Fix Request [8u] Clean backport from 11u, removing a file descriptor leak with a try-finally block. Fix is already in Oracle's 8u since 8u291.
10-11-2022
A pull request was submitted for review. URL: https://git.openjdk.org/jdk8u-dev/pull/165 Date: 2022-11-09 15:52:35 +0000
09-11-2022
Fix Request Should get backported for parity with 11.0.11-oracle. Applies cleanly.
28-12-2020
Changeset: 6e8b8628 Author: prajwal_kumaraswamy <prajwal.kumaraswamy@oracle.com> Committer: Sean Coffey <coffeys@openjdk.org> Date: 2020-11-11 09:24:42 +0000 URL: https://github.com/openjdk/jdk/commit/6e8b8628
11-11-2020
Fix has been included in apache code. https://github.com/apache/santuario-xml-security-java/pull/9
09-11-2020