[jcifs] JCIFS 1.1.2: Bug in SmbTransport.getSmbSession

Michael B Allen mba2000 at ioplex.com
Wed Dec 1 00:25:18 GMT 2004

Roland Knight said:
> The fix to getSmbSession is below:
>     synchronized SmbSession getSmbSession( NtlmPasswordAuthentication auth
> )
> {
> ...
>             while( iter.hasNext() ) {
>                 ssn = (SmbSession)iter.next();
>                 if( ssn.expiration < now ) {
>                     ssn.logoff( false );
>                     iter.remove();

Applied. But technically it shouldn't be necessary because the sessions
member is protected by the transport lock. I believe the real cause of the
ConcurrentModificationException was an unsynchronized
trans.sessions.size() that I recently added w/
SmbSession.java:getChallengeForDomain(). I have synchronized that as well
of course.

Truthfully the locking in jCIFS is fragile. The whole locking behavior
should really be redesigned at this point but it's not an easy task. I
just spent a few hours on it and decided to give up and play it safe with
small changes to plug the immediate problem.

New files will be available in a few hours. Pardon the delay, I was busy
eating turkey, apple pie, and ice cream :->


More information about the jcifs mailing list