You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
FileInputStream inputStream = null;
try {
inputStream = new FileInputStream(new File(policyFilePath));
appGuardConfig = ConfigurationParser.readConfigurationFile(inputStream, webRootDir);
lastConfigReadTime = System.currentTimeMillis();
configurationFilename = policyFilePath;
} catch (ConfigurationException e ) {
// TODO: It would be ideal if this method through the ConfigurationException rather than catching it and
// writing the error to the console.
e.printStackTrace();
} finally {
if (inputStream != null) {
try {
inputStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}
Eamonn,
Would you like this work to be considered for the ESAPI hackathon contest? If so, please email me ASAP. Thanks.
-kevin wall kevin.w.wall@gmail.com
From eamonn.w...@gmail.com on November 26, 2013 14:48:44
I have V2.1 sources.
2 places in ESAPIWebApplicationFirewallFilter.java do not close file streams.
The corrected 2 methods are:
public void setConfiguration( String policyFilePath, String webRootDir ) throws FileNotFoundException {
/* and the block ... */
FileInputStream inputStream = null;
Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=314
The text was updated successfully, but these errors were encountered: