New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BridgeMethodResolver resolveAll does not close InputStream #115
Comments
You are very much right. I just applied your patch with a few modifications. This is serious enough to fix despite of the dormant state. @sameb could you trigger a new release? |
Thanks very much @raphw for the very prompt attention. |
lets see if i can remember how to do this... |
looks like travis is failing for JDK6 for a weird reason:
any idea what that's about? |
(also did you want to update the ASM version before i do a new release?) |
From the build log:
My guess is that because it can't find /usr/lib/jvm/java-1.6.0-openjdk-amd64, the jdk_switcher doesn't actually set JAVA_HOME, and it ends up using whatever is the default Java which appears to be a Java 8 JRE. |
I found some more info on the travis openjdk6 failure. It looks like travis no longer supports openjdk6 out of the box due to a switch in the Ubuntu images it uses. See travis-ci/travis-ci#8199 It can still be made to work, though, as shown for example here: scala/scala-parser-combinators@daf9fe2 It looks like the essential peice is to add this to your project's .travis.yml file:
|
nice! added in baeb5e3, though now it fails with:
... looks like maven doesn't like java6. :-/ |
I updated ASM, good catch! |
Hmm, travis has also updated the maven version it uses to 3.3+, which no longer support Java 6. Maven 3.2.5 was the last one to support Java 6. You could try another change to .travis.yml, this time to add these four lines to the beginning of the before_script:
So the complete before_script section would look like this:
|
I'm glad to see you got past the build / test problems. By the way, I've filed a Jira issue for Spring about this too (https://jira.spring.io/browse/SPR-16267) and Juergen Hoeller responded that they'll pick up cglib 3.2.6 once it is released. Do you know when that might be? I'm hoping that the timing will allow this to make it into the next Spring 4.3.x release. |
I cannot release cglib but maybe @sameb can do it now that the build is ok again. |
i'll take a look tomorrow evening |
Please release 3.2.6. |
From a Spring perspective, we need CGLIB 3.2.6 by January 22nd for pick-up in the Spring Framework 5.0.3 and 4.3.14 releases. @sameb, your timely efforts would be much appreciated! |
Yes @sameb please please release this in time for the Spring release. My customers are really frustrated by their inability to undeploy/redeploy my web applications in Tomcat 8.5, and to fix that I need not just the new cglib but the a new Spring that incorporates it. |
@sameb are you reading? A response with your plans, please? The Spring release deadline is now just a few days away on this coming Monday Jan 22. |
Yes reading. Life is getting in the way. Will do this when I have some free
time. Hopefully before the 22nd.
…On Thu, Jan 18, 2018, 10:14 AM yogregg ***@***.***> wrote:
@sameb <https://github.com/sameb> are you reading? A response with your
plans, please? The Spring release deadline is now just a few days away on
this coming Monday Jan 22.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#115 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/ACC7Es-d2nQgwR9apT60-Uc2rt0TX53Zks5tL1_GgaJpZM4Q1CcP>
.
|
just released 3.2.6. should be a couple hours before it's available on maven. |
Thank you very much @sameb |
Picked up for the upcoming Spring Framework releases now. Thanks a lot, @sameb! |
I uncovered a problem in BridgeMethodResolver resolveAll: it opens an InputStream that is never closed.
The problem is in cglib/cglib/src/main/java/net/sf/cglib/proxy/BridgeMethodResolver.java, in line 63 of resolveAll, which has this code:
The stream returned by classsLoader.getResourceAsStream is never closed. The ClassReader instance that it is passed to doesn't close it, and nothing else holds a reference to it that could be used to close it.
The fix is simple, and I've attached a patch file for it. The heart of it is this change to the above code block:
Here is the patch file:
BridgeMethodResolver.zip
I noticed this when using cglib indirectly via the Spring framework. When my web application is deployed to Tomcat 8.5 on Windows, Tomcat refuses to undeploy the web application -- I have to shut down the entire Tomcat server. This happens because Tomcat's classloader keeps a Windows file lock on jar files when someone has an open input stream on one of the classes in the jar file (when opened by classLoader.getResourceAsStream). This is a substantial problem for users of my web application, since they cannot upgrade it without shutting down Tomcat, which often means that user get kicked out of all other web applications that Tomcat is hosting.
The change above resolved the problem I was having in Spring with Tomcat 8.5.
The text was updated successfully, but these errors were encountered: