Details
-
Bug
-
Resolution: Timed out
-
Low
-
None
-
4.3.4
-
4.03
-
1
-
Severity 3 - Minor
-
-
Description
There are two separate scenarios where the problem can be observed
Scenario 1:
A remote JIRA user trying to upload a file to JIRA where (s)he doesn't have rw permissions to.
- Create a file that is visible to the user accessing JIRA UI, but not readable (revoked r/w on the file).
- Attempt to add a file to JIRA.
- After some time the following is reported in UI:
Your session has timed out or you were logged out. Please save your work and reload the page
In the same the following error is returned in the log file:
2011-07-25 14:47:33,488 http-8080-1 ERROR kk 887x554x1 1dxua07 172.20.5.82 /secure/AttachTemporaryFile.jspa [webwork.multipart.MultiPartRequestWrapper] null java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27) at java.lang.reflect.Constructor.newInstance(Constructor.java:513) at webwork.multipart.MultiPartRequestWrapper.<init>(MultiPartRequestWrapper.java:73) at com.atlassian.jira.web.dispatcher.JiraWebworkActionDispatcher.wrapRequest(JiraWebworkActionDispatcher.java:399) at com.atlassian.jira.web.dispatcher.JiraWebworkActionDispatcher.service(JiraWebworkActionDispatcher.java:132) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.jira.web.filters.JiraLastFilter.doFilter(JiraLastFilter.java:81) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.core.filters.HeaderSanitisingFilter.doFilter(HeaderSanitisingFilter.java:44) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:46) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter$1.doFilter(DelegatingPluginFilter.java:66) at com.atlassian.applinks.core.rest.context.ContextFilter.doFilter(ContextFilter.java:25) at com.atlassian.plugin.servlet.filter.DelegatingPluginFilter.doFilter(DelegatingPluginFilter.java:74) .... Caused by: java.net.SocketTimeoutException: Read timed out at java.net.SocketInputStream.socketRead0(Native Method) at java.net.SocketInputStream.read(SocketInputStream.java:129) at org.apache.coyote.http11.InternalInputBuffer.fill(InternalInputBuffer.java:751) at org.apache.coyote.http11.InternalInputBuffer$InputStreamInputBuffer.doRead(InternalInputBuffer.java:781) at org.apache.coyote.http11.filters.IdentityInputFilter.doRead(IdentityInputFilter.java:116) at org.apache.coyote.http11.InternalInputBuffer.doRead(InternalInputBuffer.java:710) at org.apache.coyote.Request.doRead(Request.java:428) at org.apache.catalina.connector.InputBuffer.realReadBytes(InputBuffer.java:304) at org.apache.tomcat.util.buf.ByteChunk.substract(ByteChunk.java:403) at org.apache.catalina.connector.InputBuffer.read(InputBuffer.java:327)
Scenario 2:
Local JIRA OS user performing the above task.
- JIRA is executed as unprivileged user.
- Create a file that is visible to the user operating JIRA but not readable.
- File is created with the following permissions:
bdziedzic@okocim:~/.tmp-scripts/atlassian-jira-4.3.4-standalone$ ls -l /tmp/anewfile -rw-r----- 1 root root 7 2011-07-21 14:19 /tmp/anewfile
- Some random data is entered into file.
- When the attach file operation is attempted the following error is displayed:
andwfile does not exist or is zero bytes in size.