Google Git
Sign in
apache/santuario-xml-security-java/refs/heads/reference_inputstream^!/.
commit
7999629140558eb46440fc639613e994b3425b45
[log]
author
Colm O hEigeartaigh <coheigea@apache.org>
Mon Nov 09 07:38:13 2020 +0000
committer
Colm O hEigeartaigh <coheigea@apache.org>
Tue Nov 10 09:12:09 2020 +0000
tree
3f131fd258b373c0780af1e64f6a9d36563edf72
parent
c62424c2ad61d4ed0a3b0a2c65c09f2f4b483b8a [diff]
Close the Reference InputStream after it's read

diff --git a/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java b/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java
index 5292e56..f0a33d6 100644
--- a/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java
+++ b/src/main/java/org/apache/jcp/xml/dsig/internal/dom/DOMReference.java

@@ -441,6 +441,7 @@
             dos = new DigesterOutputStream(md);
         }
         Data data = dereferencedData;
+        XMLSignatureInput xi = null;
         try (OutputStream os = new UnsyncBufferedOutputStream(dos)) {
             for (int i = 0, size = transforms.size(); i < size; i++) {
                 DOMTransform transform = (DOMTransform)transforms.get(i);
@@ -452,7 +453,6 @@
             }
 
             if (data != null) {
-                XMLSignatureInput xi;
                 // explicitly use C14N 1.1 when generating signature
                 // first check system property, then context property
                 boolean c14n11 = useC14N11;
@@ -540,6 +540,13 @@
                 | IOException | org.apache.xml.security.c14n.CanonicalizationException e) {
             throw new XMLSignatureException(e);
         } finally { //NOPMD
+            if (xi != null && xi.getOctetStreamReal() != null) {
+                try {
+                    xi.getOctetStreamReal().close();
+                } catch (IOException e) {
+                    throw new XMLSignatureException(e);
+                }
+            }
             if (dos != null) {
                 try {
                     dos.close();

diff --git a/src/main/java/org/apache/xml/security/signature/Reference.java b/src/main/java/org/apache/xml/security/signature/Reference.java
index c329c3a..a8a3527 100644
--- a/src/main/java/org/apache/xml/security/signature/Reference.java
+++ b/src/main/java/org/apache/xml/security/signature/Reference.java

@@ -701,10 +701,11 @@
         MessageDigestAlgorithm mda = this.getMessageDigestAlgorithm();
         mda.reset();
 
+        XMLSignatureInput output = null;
         try (DigesterOutputStream diOs = new DigesterOutputStream(mda);
             OutputStream os = new UnsyncBufferedOutputStream(diOs)) {
 
-            XMLSignatureInput output = this.getContentsAfterTransformation(input, os);
+            output = this.getContentsAfterTransformation(input, os);
             this.transformsOutput = output;
 
             // if signing and c14n11 property == true explicitly add
@@ -723,16 +724,20 @@
             }
             os.flush();
 
-            if (output.getOctetStreamReal() != null) {
-                output.getOctetStreamReal().close();
-            }
-
             //this.getReferencedBytes(diOs);
             //mda.update(data);
 
             return diOs.getDigestValue();
         } catch (XMLSecurityException | IOException ex) {
             throw new ReferenceNotInitializedException(ex);
+        } finally { //NOPMD
+            try {
+                if (output != null && output.getOctetStreamReal() != null) {
+                    output.getOctetStreamReal().close();
+                }
+            } catch (IOException ex) {
+                throw new ReferenceNotInitializedException(ex);
+            }
         }
     }