You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Gregor K (JIRA)" <ji...@apache.org> on 2011/04/07 10:06:05 UTC

[jira] [Created] (FILEUPLOAD-189) DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong

DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong
--------------------------------------------------------------------------

                 Key: FILEUPLOAD-189
                 URL: https://issues.apache.org/jira/browse/FILEUPLOAD-189
             Project: Commons FileUpload
          Issue Type: Bug
            Reporter: Gregor K
            Priority: Minor


Regarding latest SVN revision:

The DiskFileItemFactory documents:
Temporary files are automatically deleted as soon as they are no longer needed. (More precisely, when the corresponding instance of {@link java.io.File} is garbage collected.)

But the code in DiskFileItemFactory.createItem() is doing:
tracker.track(result.getTempFile(), this);

Which means the file is cleaned when DiskFileItemFactory is garbage collected.

This error is propably introduced in Rev 578253 when the code was moved from DiskFileItem to DiskFileItemFactory, without changing "this" (which was DiskFileItem) and is not DiskFileItemFactory.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (FILEUPLOAD-189) DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong

Posted by "Shinya Nishinaka (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/FILEUPLOAD-189?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13506382#comment-13506382 ] 

Shinya Nishinaka commented on FILEUPLOAD-189:
---------------------------------------------

I think this issue Critical , too.

If the lifecycle of DiskFileItemFactory object is shorter than DiskFileItem, There is a possibility that the temporary files are deleted before DiskFileItem#getInputStream() is called.
This causes upload files will be lost.
                
> DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong
> --------------------------------------------------------------------------
>
>                 Key: FILEUPLOAD-189
>                 URL: https://issues.apache.org/jira/browse/FILEUPLOAD-189
>             Project: Commons FileUpload
>          Issue Type: Bug
>            Reporter: Gregor K
>            Priority: Minor
>         Attachments: FILEUPLOAD-189.patch
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> Regarding latest SVN revision:
> The DiskFileItemFactory documents:
> Temporary files are automatically deleted as soon as they are no longer needed. (More precisely, when the corresponding instance of {@link java.io.File} is garbage collected.)
> But the code in DiskFileItemFactory.createItem() is doing:
> tracker.track(result.getTempFile(), this);
> Which means the file is cleaned when DiskFileItemFactory is garbage collected.
> This error is propably introduced in Rev 578253 when the code was moved from DiskFileItem to DiskFileItemFactory, without changing "this" (which was DiskFileItem) and is not DiskFileItemFactory.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (FILEUPLOAD-189) DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong

Posted by "Jan Novotný (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/FILEUPLOAD-189?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jan Novotný updated FILEUPLOAD-189:
-----------------------------------

    Attachment: FILEUPLOAD-189.patch

Proposed patch.
                
> DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong
> --------------------------------------------------------------------------
>
>                 Key: FILEUPLOAD-189
>                 URL: https://issues.apache.org/jira/browse/FILEUPLOAD-189
>             Project: Commons FileUpload
>          Issue Type: Bug
>            Reporter: Gregor K
>            Priority: Minor
>         Attachments: FILEUPLOAD-189.patch
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> Regarding latest SVN revision:
> The DiskFileItemFactory documents:
> Temporary files are automatically deleted as soon as they are no longer needed. (More precisely, when the corresponding instance of {@link java.io.File} is garbage collected.)
> But the code in DiskFileItemFactory.createItem() is doing:
> tracker.track(result.getTempFile(), this);
> Which means the file is cleaned when DiskFileItemFactory is garbage collected.
> This error is propably introduced in Rev 578253 when the code was moved from DiskFileItem to DiskFileItemFactory, without changing "this" (which was DiskFileItem) and is not DiskFileItemFactory.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Commented] (FILEUPLOAD-189) DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong

Posted by "Jan Novotný (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/FILEUPLOAD-189?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13459006#comment-13459006 ] 

Jan Novotný commented on FILEUPLOAD-189:
----------------------------------------

I think this issue should be considered as Critical. DiskFileItemFactory is usually used as singleton object and thus this behaviour leads to OutOfMemory exceptions, because file tracker never removes corresponding temp files and list of tracker only gets bigger and bigger. We noticed this problem when our server passed through several crashes due to OOM when someone started penetration test on our site which uploaded files through publicly accessible form.
                
> DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong
> --------------------------------------------------------------------------
>
>                 Key: FILEUPLOAD-189
>                 URL: https://issues.apache.org/jira/browse/FILEUPLOAD-189
>             Project: Commons FileUpload
>          Issue Type: Bug
>            Reporter: Gregor K
>            Priority: Minor
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> Regarding latest SVN revision:
> The DiskFileItemFactory documents:
> Temporary files are automatically deleted as soon as they are no longer needed. (More precisely, when the corresponding instance of {@link java.io.File} is garbage collected.)
> But the code in DiskFileItemFactory.createItem() is doing:
> tracker.track(result.getTempFile(), this);
> Which means the file is cleaned when DiskFileItemFactory is garbage collected.
> This error is propably introduced in Rev 578253 when the code was moved from DiskFileItem to DiskFileItemFactory, without changing "this" (which was DiskFileItem) and is not DiskFileItemFactory.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Comment Edited] (FILEUPLOAD-189) DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong

Posted by "Shinya Nishinaka (JIRA)" <ji...@apache.org>.

    [ https://issues.apache.org/jira/browse/FILEUPLOAD-189?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13506382#comment-13506382 ] 

Shinya Nishinaka edited comment on FILEUPLOAD-189 at 11/29/12 10:54 AM:
------------------------------------------------------------------------

I think this issue Critical , too.

If the lifecycle of DiskFileItemFactory object is shorter than DiskFileItem, There is a possibility that the temporary files are deleted before DiskFileItem#get() is called.
This causes upload files will be lost.
                
      was (Author: nishinaka):
    I think this issue Critical , too.

If the lifecycle of DiskFileItemFactory object is shorter than DiskFileItem, There is a possibility that the temporary files are deleted before DiskFileItem#getInputStream() is called.
This causes upload files will be lost.
                  
> DiskFileItemFactory use of FileCleaningTracker is documated or coded wrong
> --------------------------------------------------------------------------
>
>                 Key: FILEUPLOAD-189
>                 URL: https://issues.apache.org/jira/browse/FILEUPLOAD-189
>             Project: Commons FileUpload
>          Issue Type: Bug
>            Reporter: Gregor K
>            Priority: Minor
>         Attachments: FILEUPLOAD-189.patch
>
>   Original Estimate: 1h
>  Remaining Estimate: 1h
>
> Regarding latest SVN revision:
> The DiskFileItemFactory documents:
> Temporary files are automatically deleted as soon as they are no longer needed. (More precisely, when the corresponding instance of {@link java.io.File} is garbage collected.)
> But the code in DiskFileItemFactory.createItem() is doing:
> tracker.track(result.getTempFile(), this);
> Which means the file is cleaned when DiskFileItemFactory is garbage collected.
> This error is propably introduced in Rev 578253 when the code was moved from DiskFileItem to DiskFileItemFactory, without changing "this" (which was DiskFileItem) and is not DiskFileItemFactory.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira