FileSanitizer writes temp files but makes no attempt to clean them up

Description

FileSanitizer.sanitize() creates a temp file in the system temp dir (as opposed to the application's temp dir) and makes no attempt to clean it up. FileSanitizer.cleanUpTempFiles() exists, but it is only called by the unit test. File.createTempFile does not perform deleteOnExit() registration, so failing to clean these files up means they must be cleaned up by customers manually.

There are two distinct problems here:

  • If possible, temp files should be created in the application's temp dir, rather than the system one

  • Regardless of where the temp files are created, they should be deleted when processing is complete

Environment

None

Activity

Show:
Matt Doar
July 17, 2020, 5:19 PM

I see them now, not too large or too many, so not too worried. But yes they should be deleted

Jamie Moynihan
July 17, 2020, 1:44 AM

Hey That’s good! We put the files into the application-home/t*mp directory depending on the product. Unfortunately, due to how the code was structured, we elected to delete the files on exit of the product. I acknowledge this might not be ideal, but the work required to rework the code is more than the team can take on right now.

Matt Doar
July 17, 2020, 1:09 AM

I don’t see anything in /var/tmp on RHEL7 with Jira 8.5.4 and ATST 1.25.0

Fixed

Assignee

Unassigned

Reporter

Bryan Turner

Components

Labels

None

Add-on Type

None

Team

None

CC

None

Risk factor

None

Affected Product/s

None

Fix versions

Priority

Minor