Bug 47718 - ManagerBase leaks fd to /dev/urandom when context stopped
Summary: ManagerBase leaks fd to /dev/urandom when context stopped
Alias: None
Product: Tomcat 5
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 5.5.27
Hardware: PC Linux
: P2 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
Depends on:
Reported: 2009-08-20 14:48 UTC by George Sexton
Modified: 2010-01-25 21:22 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description George Sexton 2009-08-20 14:48:26 UTC
On operating systems where /dev/urandom exists, org.apache.catalina.session.ManagerBase will use it as a source of data for getRandomBytes().

If you stop a context or undeploy a host, the number of file descriptors that have /dev/urandom open tomcat remains constant.

For example, if you use the manager application to stop or undeploy a context, the number of file descriptors to /dev/urandom is the same as before the stop.

File descriptor use is determined by using lsof or examining the /proc/<pid>/fd directory on Linux.

The same issue is seen if you undeploy a virtual host.

If you undeploy/deploy a context, or remove/add a virtual host, the # of file descriptors to /dev/urandom will increase each time.

This is because ManagerBase does not close the DataInputStream it holds to /dev/urandom.

The patch shown below resolves this issue. Stopping a context, or undeploying a virtual host will close the session manager's reference to /dev/urandom.

--- apache-tomcat-5.5.28-src/container/catalina/src/share/org/apache/catalina/session/ManagerBase.java	2009-07-24 13:35:00.000000000 -0600
+++ apache-tomcat-5.5.28-gls/container/catalina/src/share/org/apache/catalina/session/ManagerBase.java	2009-08-20 13:38:03.000000000 -0600
@@ -688,10 +688,17 @@

    public void destroy() {
         if( oname != null )
             Registry.getRegistry(null, null).unregisterComponent(oname);
+        if (randomIS!=null) {
+            try {
+                randomIS.close();
+            } catch (IOException ioe) {
+            }
+            randomIS=null;
+        }
         oname = null;
         // Don't clear log since it is required in case attributes are changed
         // (eg via JMX) whilst the manager is stopped.
Comment 1 George Sexton 2009-10-23 11:38:12 UTC
This issue also applies to Tomcat 6.0.20.
Comment 2 Mark Thomas 2009-11-22 11:41:38 UTC
Many thanks for the patch. It has been applied to trunk and proposed for 6.0.x and 5.5.x
Comment 3 Mark Thomas 2009-12-16 08:40:14 UTC
The patch has been applied to 6.0.x and will be included in 6.0.21 onwards.
Comment 4 Konstantin Kolinko 2010-01-25 21:22:59 UTC
The patch was applied to 5.5, will be in 5.5.29 onwards. Thank you.