Unreleased Resource: Streams
- by Vibhas
Hi freinds i am getting a warning in the fortify report for the following code:
if (null != serverSocket) {
OutputStream socketOutPutStream = serverSocket
.getOutputStream();
if (null != socketOutPutStream) {
oos = new ObjectOutputStream(socketOutPutStream);
if (null != oos) {
int c;
log.info("i am in Step 3 ooss " + oos);
while ((c = mergedIS.read()) != -1) {
oos.writeByte(c);
}
}
log.info("i am in Step 4 ");
}
}
in the catch block i have mentioned :
catch (UnknownHostException e) {
//catch exception Vibhas added
log.info("UnknownHostException occured");
} catch (IOException e) {
//catch exception Vibhas added
log.info("IOException occured");
} catch (Exception e) {
//catch exception
//log.info("error occured in copyFile in utils-->"+e.getMessage()+"file name is-->"+destiFileName);
}finally{
if (null != oos){
oos.flush();
oos.close();
}
catch (Exception e) {
//catch exception
}
}
Warning which i am getting in the fortify report is:
Abstract: The function copyFile() in ODCUtil.java sometimes fails to release a system resource
allocated by getOutputStream() on line 61.
Sink: ODCUtil.java:64 oos = new ObjectOutputStream(socketOutPutStream)()
62 if (null != socketOutPutStream) {
63
64 oos = new ObjectOutputStream(socketOutPutStream);
65 if (null != oos) {
66 int c;