[
https://issues.apache.org/jira/browse/FELIX-6271?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Carsten Ziegeler closed FELIX-6271.
-----------------------------------
> Make sure invalid bundles are deleted in BundleServlet
> ------------------------------------------------------
>
> Key: FELIX-6271
> URL: https://issues.apache.org/jira/browse/FELIX-6271
> Project: Felix
> Issue Type: Bug
> Components: Web Console
> Affects Versions: webconsole-4.5.0
> Reporter: Colm O hEigeartaigh
> Assignee: Carsten Ziegeler
> Priority: Minor
> Fix For: webconsole-4.5.2
>
>
> If you attempt to upload an invalid bundle in BundleServlet (say a regular
> war file), null is returned from getSymbolicNameVersion(bundleFile). This
> result in a NPE and the bundleFile is not actually deleted. This could
> potentially allow someone to fill up the disk space of the server by
> repeatedly uploading large invalid war/jars.
>
> PR: [https://github.com/apache/felix-dev/pull/20]
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
