Deal with partially constructed objects during finalize(). (#1157)

The happy path for shutting down a ConscryptEngine is one of the close* methods which then calls closeAndFreeResources() synchronised on ssl, so all the logic can assume ssl is non-null. However it also seems to be possible for ssl to be null when finalizing, presumably if newSsl() threw, e.g. due to low memory. If this is the case then we don't need to do anything as e.g. there cannot be any session snapshot which needs saving. And if ssl is non-null then the finalizer should also synchronise of ssl for thread safety... *shouldn't* be necessary but does no harm.
google · Aug 11, 2023 · c0c3316 · c0c3316
1 parent 68d7df4
commit c0c3316
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/common/src/main/java/org/conscrypt/ConscryptEngine.java b/common/src/main/java/org/conscrypt/ConscryptEngine.java
@@ -1681,7 +1681,13 @@ private void closeAndFreeResources() {
     @SuppressWarnings("deprecation")
     protected void finalize() throws Throwable {
         try {
-            closeAndFreeResources();
+            // If ssl is null, object must not be fully constructed so nothing for us to do here.
+            if (ssl != null) {
+                // Otherwise closeAndFreeResources() and callees expect to synchronize on ssl.
+                synchronized (ssl) {
+                    closeAndFreeResources();
+                }
+            }
         } finally {
             super.finalize();
         }