PD4ML v4 Forums PD4ML v3 Archived Forums (Read Only) Troubleshooting "Broken" PNG image file hangs PD4ML generator forever

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
  • #26786

    If an HTML page contains an img tag that refers a PNG image that all browsers display ok but the sun.awt.image.PNGImageDecoder think is broken, then generating a PDF by PD4ML will hang forever. This is particularly disturbing in a web application where users can upload their own images and the thread that gets stuck is likely a HTTP worker thread. Then it is possible easy to DOS attack the system, intentionally or unintentionally.

    The thread gets stuck here (using the latest and greatest 380fx8 build):

    java.lang.Thread#sleep:-2<br /> org.zefer.pd4ml.pdf.j$_b#Ò00000:-1<br /> org.zefer.pd4ml.pdf.c#ÒÒ0000:-1<br /> org.zefer.pd4ml.pdf.c#ø00000:-1<br /> org.zefer.pd4ml.pdf.c#close:-1<br /> org.zefer.pd4ml.pdf.PD4Device#dispose:-1<br /> org.zefer.pd4ml.PD4ML#o00000:-1<br /> org.zefer.pd4ml.PD4ML#render:-1<br /> net.xxxxx.tm.handler.DocumentManagerHandler#writePDFWithHeader:263<br /> net.xxxxx.rte.action.ContentSaveToPdfAction#doAction:86<br /> net.xxxxx.core.struts.action.BaseCourseAction#doAction:85<br /> net.xxxxx.core.struts.action.BaseAction#execute:158<br /> org.apache.struts.action.RequestProcessor#processActionPerform:425<br /> org.apache.struts.action.RequestProcessor#process:228<br /> net.xxxxx.core.struts.PPRequestProcessor#process:77<br /> org.apache.struts.action.ActionServlet#process:1913<br /> org.apache.struts.action.ActionServlet#doGet:449<br /> javax.servlet.http.HttpServlet#service:617<br /> javax.servlet.http.HttpServlet#service:717

    The asynchronous image loading bails out with the following exception:

    sun.awt.image.PNGImageDecoder$PNGException: Broken file<br /> at sun.awt.image.PNGImageDecoder.pngassert(PNGImageDecoder.java:94)<br /> at sun.awt.image.PNGImageDecoder.handleChunk(PNGImageDecoder.java:107)<br /> at sun.awt.image.PNGImageDecoder.getData(PNGImageDecoder.java:726)<br /> at sun.awt.image.PNGImageDecoder.produceImage(PNGImageDecoder.java:252)<br /> at sun.awt.image.InputStreamImageSource.doFetch(InputStreamImageSource.java:269)<br /> at sun.awt.image.ImageFetcher.fetchloop(ImageFetcher.java:205)<br /> at sun.awt.image.ImageFetcher.run(ImageFetcher.java:169)

    …and PD4ML never notice this and gets stuck inside a loop waiting for Image.getHeight() returning anything other than -1 (which it will never be since it can’t be loaded). Thankfully it sleeps 10ms between each height check, otherwise it would have CPU starved the server in the process. But the any InterruptedException while sleeping is swallowed without leaving the loop, so it is rather hard to interrupt the infinite loop from the outside.

    Of course PD4ML must detect that the image loading fails or at the very least abort waiting after a few seconds (or minutes if you like).

    I consider this a rather big flaw in PD4ML error handling. I attach an example of such a broken PNG image.


    I can confirm that this bug has been fixed in PD4ML 380fx9. Thanks.

Viewing 2 posts - 1 through 2 (of 2 total)

The forum ‘Troubleshooting’ is closed to new topics and replies.