Details
-
Bug
-
Resolution: Fixed
-
High
-
5.6.3, 5.8, 5.7.5, 5.9.1-m1
-
None
-
4
-
Description
NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.
We had a situation where a user commented on a jira issue with a text 25MB comment. This was sent as a workbox notification to Confluence, which promptly died trying to sanitise the string:
2015-07-24 00:35:17,952 ERROR [catalina-exec-33] [common.error.jersey.ThrowableExceptionMapper] toResponse Uncaught exception thrown by REST service: Java heap space
-- url: /rest/mywork/1/notification | userName: <REDACTED>
java.lang.OutOfMemoryError: Java heap space
at org.apache.xerces.dom.CharacterDataImpl.appendData(Unknown Source)
at org.cyberneko.html.parsers.DOMFragmentParser.characters(DOMFragmentParser.java:465)
at org.cyberneko.html.HTMLTagBalancer.characters(HTMLTagBalancer.java:798)
at com.atlassian.xhtml.parsing.BlockIsolatingTagBalancer.characters(BlockIsolatingTagBalancer.java:171)
at org.cyberneko.html.filters.DefaultFilter.characters(DefaultFilter.java:156)
at org.cyberneko.html.HTMLScanner$ContentScanner.scanCharacters(HTMLScanner.java:2059)
at org.cyberneko.html.HTMLScanner$ContentScanner.scan(HTMLScanner.java:1910)
at org.cyberneko.html.HTMLScanner.scanDocument(HTMLScanner.java:877)
at org.cyberneko.html.HTMLConfiguration.parse(HTMLConfiguration.java:495)
at org.cyberneko.html.HTMLConfiguration.parse(HTMLConfiguration.java:448)
at org.cyberneko.html.parsers.DOMFragmentParser.parse(DOMFragmentParser.java:166)
at org.owasp.validator.html.scan.AntiSamyDOMScanner.scan(AntiSamyDOMScanner.java:172)
at org.owasp.validator.html.AntiSamy.scan(AntiSamy.java:113)
at org.owasp.validator.html.AntiSamy.scan(AntiSamy.java:92)
at com.atlassian.mywork.host.service.HTMLServiceImpl.clean(HTMLServiceImpl.java:28)
at com.atlassian.mywork.host.service.LocalNotificationServiceImpl.createOrUpdate(LocalNotificationServiceImpl.java:164)
We should have some sort of safeguard that limits the size of notifications
Attachments
Issue Links
- relates to
-
CONFCLOUD-38615 Very large notifications can cause OOMEs
- Closed
-
CONFSERVER-38699 Workbox Plugin loads full HTML of JIRA comment, leads to GC loop of death on large comment
- Closed
- included in
-
CPU-64 Confluence 5.9.1-OD-2015.47.1-0002
-
CPU-282 Confluence 6.0.0-OD-2016.06.1-0007
-
CPU-283 Confluence 6.0.0-OD-2016.06.1-0008
-
CPU-287 Confluence 6.0.0-OD-2016.06.1-0009
- links to
- mentioned in
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...
-
Page Loading...