https://sourceforge.net/p/xsocket/bugs/24/Recent changes to 24: Possible information leakage from IoSocketDispatcher through an IOException without LOGGER severe control such as LOG.isLoggable(Level.SEVERE)enSun, 22 Nov 2020 18:13:31 -0000https://sourceforge.net/p/xsocket/bugs/24/?limit=25#7e4c<div class="markdown_content"><p>Could I open a PR for it?</p></div>Xiaoqin FuSun, 22 Nov 2020 18:13:31 -0000https://sourceforge.netaf48ae59ab485e0f07962d2184a213c4ae8020aahttps://sourceforge.net/p/xsocket/bugs/24/<div class="markdown_content"><p>In org.xsocket.connection.IoSocketDispatcher, <br/> public IoSocketDispatcher(AbstractMemoryManager memoryManager, String name) {<br/> ......<br/> try {<br/> selector = Selector.open();<br/> } catch (IOException ioe) {<br/> String text = "exception occured while opening selector. Reason: " + ioe.toString();<br/> LOG.isLoggable(Level.SEVERE)<br/> LOG.severe(text);<br/> throw new RuntimeException(text, ioe);<br/> }<br/> ......<br/> }<br/> Sensitive information about the selector may be leaked. The LOG.isLoggable(Level.SEVERE) conditional statement should be added<br/> public IoSocketDispatcher(AbstractMemoryManager memoryManager, String name) {<br/> ......<br/> try {<br/> selector = Selector.open();<br/> } catch (IOException ioe) {<br/> String text = "exception occured while opening selector. Reason: " + ioe.toString();<br/> if (LOG.isLoggable(Level.SEVERE))<br/> LOG.severe(text);<br/> throw new RuntimeException(text, ioe);<br/> }<br/> ......<br/> }</p></div>Xiaoqin FuSat, 03 Aug 2019 17:49:34 -0000https://sourceforge.nete5b13efccdd3d2c28ac58202d3ba0afeb03d5422