Colm O hEigeartaigh created FELIX-6271:
------------------------------------------
Summary: Make sure invalid bundles are deleted in BundleServlet
Key: FELIX-6271
URL: https://issues.apache.org/jira/browse/FELIX-6271
Project: Felix
Issue Type: Bug
Components: Web Console
Affects Versions: webconsole-4.5.0
Reporter: Colm O hEigeartaigh
If you attempt to upload an invalid bundle in BundleServlet (say a regular war
file), null is returned from getSymbolicNameVersion(bundleFile). This result in
a NPE and the bundleFile is not actually deleted. This could potentially allow
someone to fill up the disk space of the server by repeatedly uploading large
invalid war/jars.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
