RE: Image killing server (RESOLVED)

2009-06-10 Thread Adrian Lynch

Dude and double dude! Excellent work :OD

To stop the errors we started looking in files for certain strings to
indicate the image would crap out CF.

Will let you know how we get on when we upgrade.

Adrian



~|
Want to reach the ColdFusion community with something they want? Let them know 
on the House of Fusion mailing lists
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:323329
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4


RE: Image killing server (RESOLVED)

2009-06-10 Thread Mark Kruger

Adrian,

I blogged this solution

http://www.coldfusionmuse.com/index.cfm/2009/6/10/javax.imageio.jpg.crash.jvm

-Mark




re: Image killing server

2009-06-09 Thread Jason Fisher

Just looking at the link you sent in a browser, the image is nearly all 
black, which makes me think it's a CMYK jpeg, instead of an RGB jpeg.  
Browsers and the Adobe image engine can't handle the CMYK ... that's my 
guess.
 




RE: Image killing server

2009-06-09 Thread Adrian Lynch

Hey, thanks Jason, I did the blackout myself. It's an image for an awards
show so I thought it best to mask it.

It is RGB, CMYK was our first thought too.

Adrian



RE: Image killing server

2009-06-09 Thread Robert Harrison

> I did the blackout myself.

Yes, but that also means you altered the image and we're no longer looking
at the image you have a problem with. 

Did you verify the CF function fails on this version of the image?


Robert B. Harrison
Director of Interactive Services
Austin  Williams
125 Kennedy Drive, Suite 100 
Hauppauge NY 11788
P : 631.231.6600 Ext. 119 
F : 631.434.7022
http://www.austin-williams.com 

Great advertising can't be either/or.  It must be .

Plug in to our blog: AW Unplugged
http://www.austin-williams.com/unplugged
 



RE: Image killing server

2009-06-09 Thread Adrian Lynch

Of course ;O)

Still kills our servers.

Has anyone witnessed it yet?



Re: Image killing server

2009-06-09 Thread Azadi Saryev

hmm... worked just fine on my dev server...

<cfset myimage = ImageRead(ExpandPath("./killer.jpg"))>
<cfdump var="#myimage#" format="text">

dumped me this nice struct:

struct
colormodel:
  [struct]
  alpha_channel_support: NO
  alpha_premultiplied: NO
  bits_component_1: 8
  bits_component_2: 8
  bits_component_3: 8
  colormodel_type: ComponentColorModel
  colorspace: Any of the family of RGB color spaces
  num_color_components: 3
  num_components: 3
  pixel_size: 24
  transparency: OPAQUE
height: 768
source: ...\killer.jpg
width: 1024

NOTE: my dev server *DOES NOT* have the 71557 cfimage hotfix installed
(http://www.adobe.com/go/kb403411)


Azadi Saryev
Sabai-dee.com
http://www.sabai-dee.com/




RE: Image killing server

2009-06-09 Thread Adrian Lynch

Ah, interesting!



RE: Image killing server

2009-06-09 Thread Mark Kruger

Adrian,

What version, what build and what platform (Linux, windows, etc)?

-Mark
 


Mark A. Kruger, CFG, MCSE
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com

-Original Message-
From: Adrian Lynch [mailto:cont...@adrianlynch.co.uk] 
Sent: Tuesday, June 09, 2009 9:43 AM
To: cf-talk
Subject: Image killing server


Hey all, got a bit of a strange one here. A user is uploading an image which
GIMP is reporting to have an embedded colour profile of .

When I use any of the image functions on this image, CF dies.

I posted a while ago but because it was only one user we converted it
manually and re-uploaded, now we're getting more of them.

Could I ask for a sanity check by someone confirming that this image is
killing their server too?

http://www.halestorm.co.uk/images/killer.jpg

Download it, create a .cfm page and do ImageRead(ExpandPath("./killer.jpg"))

I get a blank page back then on refresh a message saying CF is starting up.

I'm on the bug report page at the moment but I thought I would get someone
else to test this also.

Thanks.

Adrian Lynch | www.halestorm.co.uk








RE: Image killing server

2009-06-09 Thread Mark Kruger

Adrian,

I verified your results on an 8.01 dev server running on my local XP box.
Sure enough the service restarts.

-Mark 


Mark A. Kruger, CFG, MCSE
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com



RE: Image killing server

2009-06-09 Thread Mark Kruger

Follow up:

I can verify the image is able to be previewed and edited using fireworks. I
can't see anything unusual about it.

I have to say if it's something that is reproducible, it's going to be an
attack vector. I can think of 3 or 4 servers I manage that need a fix for
this pretty quickly if it becomes common knowledge.

-Mark 


Mark A. Kruger, CFG, MCSE
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com



RE: Image killing server

2009-06-09 Thread Adrian Lynch

Thanks Mark. You're right, I'm beginning to think I shouldn't have posted it
on here now. I've submitted a bug report to Adobe.

When I open it in GIMP I get told The image 'killer.jpg' has an embedded
colour profile: eciRGB v2 ICCv4.

cftry/cfcatch doesn't help so the only way I can think of to spot this prior
to using ImageRead() etc. is to read the file in with cffile and look for
eciRGB v2 ICCv4. But who's to say that will cover all the bases?

Adrian



RE: Image killing server

2009-06-09 Thread Mark Kruger

Adrian,

FYI:  CF 9 and Railo handle this file ok (according to my friend and
colleague Ryan Stille).

I don't know what to make of that embedded color profile information.  I
wouldn't worry about posting it - get it out in the open and let's deal with
it :)

-Mark



RE: Image killing server

2009-06-09 Thread Mark Kruger

Adrian,

I'm working through this problem on another list and I'll try to keep you up
to date.

I found the following exception in the *-out.log along with a good deal more
detail in an hs_err log.  You might look for those - although I'm not sure
they will tell you anything. 

-Mark





#
# An unexpected error has been detected by Java Runtime Environment:
#
#  EXCEPTION_ACCESS_VIOLATION (0xc005) at pc=0x7c910f1e, pid=4948, tid=5340
#
# Java VM: Java HotSpot(TM) Server VM (10.0-b19 mixed mode windows-x86)
# Problematic frame:
# C  [ntdll.dll+0x10f1e]
#
# An error report file with more information is saved as:
# C:\ColdFusion8\runtime\bin\hs_err_pid4948.log
#
# If you would like to submit a bug report, please visit:
#   http://java.sun.com/webapps/bugreport/crash.jsp
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.
#
Starting Macromedia JRun 4.0 (Build 108673), coldfusion server

 





RE: Image killing server (RESOLVED)

2009-06-09 Thread Mark Kruger

Adrian,

I have an explanation and a resolution for you. The problem is a buffer
overrun in the ICC parser (a bit of color correction meta data that ships
with the image). 

To resolve it I upgraded my JVM from 1.6.0_04 to 1.6.0_14 ... But _05 or
above would do the trick I think.

I'll write a blog on it and give a more thorough explanation - but
meanwhile, I found my best clues by looking not for ColdFusion related image
issues, but javax.imageio related image issues. I found this post:

http://www.securiteam.com/securitynews/5SP0E1PNQA.htm

Which led me to more closely examine the update (build) number of my JVM
install.

I hope this helps you!

-Mark

Mark A. Kruger, CFG, MCSE
(402) 408-3733 ext 105
www.cfwebtools.com
www.coldfusionmuse.com
www.necfug.com
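
The pre-check discussed in this thread (searching the file for one profile name before calling ImageRead()) and the ICC-parser explanation above, generalized as an added example that is not code from the thread or from ColdFusion: this Python code walks the JPEG segments, reassembles any embedded ICC profile from its APP2 chunks and bounds-checks the header and tag table, so an upload handler can act on every profile-carrying image rather than on one string. The function names, the pass/hold/reject policy and the sample bytes are assumptions constructed for illustration; the thread does not say which property of the profile triggers the crash, so any embedded profile is held.

```python
import struct

ICC_ID = b"ICC_PROFILE\x00"   # APP2 identifier, 12 bytes
TABLE = 132                   # 128-byte ICC header + 4-byte tag count


def jpeg_segments(data):
    """Yield (marker, payload) for each segment before the scan data."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError("expected a marker at offset %d" % pos)
        marker = data[pos + 1]
        if marker in (0xD9, 0xDA):      # EOI or start of scan: stop
            return
        (length,) = struct.unpack_from(">H", data, pos + 2)
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("segment length overruns the file")
        yield marker, data[pos + 4:pos + 2 + length]
        pos += 2 + length


def extract_icc(data):
    """Reassemble the embedded ICC profile from its APP2 chunks, or None."""
    chunks, total = {}, None
    for marker, payload in jpeg_segments(data):
        if marker != 0xE2 or len(payload) < 14 or not payload.startswith(ICC_ID):
            continue
        seq, count = payload[12], payload[13]
        if seq == 0 or seq > count or total not in (None, count):
            raise ValueError("inconsistent ICC chunk numbering")
        total, chunks[seq] = count, payload[14:]
    if total is None:
        return None
    if len(chunks) != total:
        raise ValueError("missing ICC chunks")
    return b"".join(chunks[i] for i in range(1, total + 1))


def inspect_icc(profile):
    """Return the profile version and a list of structural problems."""
    if len(profile) < TABLE:
        return {"version": None, "problems": ["shorter than header + tag count"]}
    problems = []
    (size,) = struct.unpack_from(">I", profile, 0)
    (tag_count,) = struct.unpack_from(">I", profile, 128)
    table_end = TABLE + 12 * tag_count          # 12 bytes per tag entry
    if size != len(profile):
        problems.append("declared size %d != actual %d" % (size, len(profile)))
    if profile[36:40] != b"acsp":
        problems.append("missing 'acsp' file signature")
    if table_end > len(profile):
        problems.append("tag table overruns the profile")
    else:
        for i in range(tag_count):
            sig, offset, length = struct.unpack_from(">4sII", profile, TABLE + 12 * i)
            # Python ints do not wrap, so a huge length cannot pass this sum.
            if offset < table_end or offset + length > len(profile):
                problems.append("tag %r points outside the profile" % sig)
    return {"version": "%d.%d" % (profile[8], profile[9] >> 4), "problems": problems}


def screen_upload(data):
    """'pass': no ICC profile; 'hold': well-formed profile; 'reject': malformed."""
    try:
        profile = extract_icc(data)
    except ValueError:
        return "reject"
    if profile is None:
        return "pass"
    return "reject" if inspect_icc(profile)["problems"] else "hold"


def sample_profile(major=4, tag_length=26):
    """Constructed ICC profile: header plus one 26-byte placeholder tag."""
    body = b"desc" + b"\x00" * 4 + b"constructed sample"
    offset = TABLE + 12
    header = bytearray(128)
    header[0:4] = struct.pack(">I", offset + len(body))
    header[8], header[9] = major, 0x20      # version bytes: <major>.2
    header[12:16], header[16:20], header[36:40] = b"mntr", b"RGB ", b"acsp"
    return (bytes(header) + struct.pack(">I", 1)
            + struct.pack(">4sII", b"desc", offset, tag_length) + body)


def sample_jpeg(profile=None):
    """Constructed JPEG skeleton: SOI, optional APP2/ICC segment, SOS, EOI."""
    app2 = b""
    if profile is not None:
        payload = ICC_ID + bytes([1, 1]) + profile      # chunk 1 of 1
        app2 = b"\xff\xe2" + struct.pack(">H", len(payload) + 2) + payload
    return b"\xff\xd8" + app2 + b"\xff\xda\x00\x02\xff\xd9"


if __name__ == "__main__":
    for blob in (sample_jpeg(), sample_jpeg(sample_profile())):
        print(screen_upload(blob))
```

On a JVM build that still crashes, "hold" maps to the quarantine-or-convert step the thread describes doing by hand; after the JVM upgrade the same check remains a cheap way to reject malformed profiles before they reach the image functions.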
