• Type: Bug
• Resolution: Fixed
• Priority: High (View bug fix roadmap)
• Fix Version/s: 6.4.1, 6.5-OD-01, 2017-07-06-22-45-08_2017-07-06_6b55650941, 1000.1112.0
• Affects Version/s: None
• Component/s: Issue - Attachments
• Labels:

  • affects-cloud
  • affects-server
  • denial-of-service
  • jira-ninjas
  • security

[JRASERVER-40941] Images with very large dimensions cause thumbnail generation to OOME the instance

Owen made changes - 16/Oct/2018 12:55 AM

Workflow	Original: JAC Bug Workflow v2 [ 2835140 ]	New: JAC Bug Workflow v3 [ 2925049 ]
Status	Original: Resolved [ 5 ]	New: Closed [ 6 ]

Owen made changes - 25/Sep/2018 12:32 AM

Workflow

Original: JIRA Bug Workflow w Kanban v7 - Restricted [ 2563438 ]

New: JAC Bug Workflow v2 [ 2835140 ]

Ignat (Inactive) made changes - 01/Feb/2018 2:04 PM

Workflow

Original: JIRA Bug Workflow w Kanban v6 - Restricted [ 1543999 ]

New: JIRA Bug Workflow w Kanban v7 - Restricted [ 2563438 ]

Deleted Account (Inactive) made changes - 10/Jul/2017 3:03 PM

Fix Version/s

New: 1000.1112.0 [ 72809 ]

Deleted Account (Inactive) made changes - 07/Jul/2017 3:13 AM

Fix Version/s

New: 2017-07-06-22-45-08_2017-07-06_6b55650941 [ 72686 ]

jonah (Inactive) made changes - 02/Apr/2017 10:50 AM

Description

Original: [cntech.atlassian.net|http://zoome2.uc-inf.net/zoome/_design/zoome2/public/search.html#filter_params%5Binstance%5D=cntech.atlassian.net&filter_params%5Bcause%5D=&filter_params%5Bapplication%5D=&filter_params%5Bdays_ago%5D=30&filter_params%5Bquery_time%5D=1416293348308] had a couple of thumbnail-related OOMEs. This is caused by a smallish png ~3.8MB but with a 26000x24000 dimension. You can easily reproduce the problem by just generating an image with a white background of that dimension. {code} convert -size 26000x24000 xc:white oom.png {code} Similar to JRA-40084, I think we should reject images above a configurable dimension, causing the image to be marked as thumbnailable=0 Possible Solutions: - Thumber should reject images above a configurable dimension.

New: {panel:bgColor=#e7f4fa}   *NOTE:* This bug report is for *JIRA Server*. Using *JIRA Cloud*? [See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-40941].   {panel} [cntech.atlassian.net|http://zoome2.uc-inf.net/zoome/_design/zoome2/public/search.html#filter_params%5Binstance%5D=cntech.atlassian.net&filter_params%5Bcause%5D=&filter_params%5Bapplication%5D=&filter_params%5Bdays_ago%5D=30&filter_params%5Bquery_time%5D=1416293348308] had a couple of thumbnail-related OOMEs. This is caused by a smallish png ~3.8MB but with a 26000x24000 dimension. You can easily reproduce the problem by just generating an image with a white background of that dimension. {code} convert -size 26000x24000 xc:white oom.png {code} Similar to JRA-40084, I think we should reject images above a configurable dimension, causing the image to be marked as thumbnailable=0 Possible Solutions: - Thumber should reject images above a configurable dimension.

jonah (Inactive) made changes - 02/Apr/2017 10:50 AM

Link

New: This issue relates to JRACLOUD-40941 [ JRACLOUD-40941 ]

Confluence Escalation Bot (Inactive) made changes - 02/Apr/2017 12:53 AM

Labels

Original: affects-cloud denial-of-service jira-ninjas security

New: affects-cloud affects-server denial-of-service jira-ninjas security

Confluence Escalation Bot (Inactive) made changes - 16/Mar/2017 4:36 AM

Labels

Original: denial-of-service jira-ninjas security

New: affects-cloud denial-of-service jira-ninjas security

Owen made changes - 07/Jul/2016 6:58 AM

Workflow

Original: JIRA Bug Workflow w Kanban v6 [ 769897 ]

New: JIRA Bug Workflow w Kanban v6 - Restricted [ 1543999 ]

Load more older history items