You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@pdfbox.apache.org by "John Hewson (JIRA)" <ji...@apache.org> on 2014/06/10 20:45:03 UTC
[jira] [Comment Edited] (PDFBOX-712) SecurityHandlersManager May
stop the application Server when running PDFParser in a Servlet.
[ https://issues.apache.org/jira/browse/PDFBOX-712?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14026824#comment-14026824 ]
John Hewson edited comment on PDFBOX-712 at 6/10/14 6:43 PM:
-------------------------------------------------------------
In 2.0 the exceptions will never be thrown - they're a quirk of old fashioned Java API design. IllegalStateException can be thrown if the user registers the same provider twice, but that can't happen until after the static initializer has been called, so you're always safe.
In 1.8 calling System.exit() is obviously horrible, however none of the conditions which trigger an exception are true when calling registerHandler from SecurityHandlersManager(), so the catch block can safely be replaced with:
{code}
catch(BadSecurityHandlerException e)
{
// should never happen
return new RuntimeException(e);
}
{code}
was (Author: jahewson):
In 2.0 the exceptions will never be thrown - they're a quirk of old fashioned Java API design. IllegalStateException can be thrown if the user registers the same provider twice, but that can't happen until after the static initializer has been called, so you're always safe.
In 1.8 calling System.exit() is obviously horrible, however none of the conditions which trigger an exception are ever true when calling registerHandler from SecurityHandlersManager(), so the catch block can safely be replaced with:
{code}
catch(BadSecurityHandlerException e)
{
// should never happen
return new RuntimeException(e);
}
{code}
> SecurityHandlersManager May stop the application Server when running PDFParser in a Servlet.
> --------------------------------------------------------------------------------------------
>
> Key: PDFBOX-712
> URL: https://issues.apache.org/jira/browse/PDFBOX-712
> Project: PDFBox
> Issue Type: New Feature
> Components: PDModel
> Affects Versions: 1.1.0
> Reporter: Peter_Lenahan@ibi.com
> Priority: Minor
>
> When parsing a PDF document within an Application Server, you should never have a code path which call System.exit()
> I am not sure what invokes the Class org.apache.pdfbox.pdmodel.encryption.SecurityHandlersManager() from with the code, so I have not a clue how to fix this.
> I imagine that the best place to notify PDFBox that it is running in an application would be something like this.
> PDDocument.setApplication(true or false);
> I would like to be able to tell the Parser that it is not running as an application so this code is never hit, but I did not see a way to do this.
>
> catch(Exception e)
> {
> System.err.println("SecurityHandlersManager strange error with builtin handlers: " + e.getMessage());
> System.exit(1);
> }
> Bug: new org.apache.pdfbox.pdmodel.encryption.SecurityHandlersManager() invokes System.exit(...), which shuts down the entire virtual machine
> Pattern id: DM_EXIT, type: Dm, category: BAD_PRACTICE
> Invoking System.exit shuts down the entire Java virtual machine. This should only been done when it is appropriate. Such calls make it hard or impossible for your code to be invoked by other code. Consider throwing a RuntimeException instead.
--
This message was sent by Atlassian JIRA
(v6.2#6252)