Processing malformed PNG by incoming mail handler causes OOM and blocks queue

2014-04-25T07:23:42
ID ATLASSIAN:JRASERVER-38028
Type atlassian
Reporter gtanczyk
Modified 2019-03-28T00:13:33

Description

{panel:bgColor=#e7f4fa} NOTE: This bug report is for JIRA Server. Using JIRA Cloud? [See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-38028]. {panel}

There are two problems: 1. OOM 2. Incoming email processing is blocked

Looks like this is similar problem to JRA-35816, fixed in atlassian-core, but mail handler does not use atlassian-core. It affects production OnDemand, all instances.

{code}java.lang.OutOfMemoryError: Java heap space Dumping heap to java_pid9943.hprof ... Heap dump file created [295513170 bytes in 1,603 secs] 2014-04-25 17:19:35,812 http-bio-8090-exec-12 ERROR admin 1039x1167x1 1vj4fgc 127.0.0.1 /rest/jira-mail-plugin/1.0/message-handlers/test [common.error.jersey.ThrowableExceptionMapper] Uncaught exception thrown by REST service: Java heap space java.lang.OutOfMemoryError: Java heap space at com.sun.imageio.plugins.png.PNGImageReader.readMetadata(PNGImageReader.java:728) at com.sun.imageio.plugins.png.PNGImageReader.getImageMetadata(PNGImageReader.java:1550) at com.atlassian.jira.plugins.mail.handlers.GeneratedAttachmentRecogniser.containsJiraMetadata(GeneratedAttachmentRecogniser.java:64) at com.atlassian.jira.plugins.mail.handlers.GeneratedAttachmentRecogniser.<init>(GeneratedAttachmentRecogniser.java:32) at com.atlassian.jira.plugins.mail.handlers.AbstractMessageHandler.isJiraGeneratedAttachment(AbstractMessageHandler.java:836) at com.atlassian.jira.plugins.mail.handlers.AbstractMessageHandler.shouldAttach(AbstractMessageHandler.java:779) at com.atlassian.jira.plugins.mail.handlers.AbstractMessageHandler$2.handlePart(AbstractMessageHandler.java:619) at com.atlassian.jira.plugins.mail.handlers.AbstractMessageHandler.handleMultipart(AbstractMessageHandler.java:691) at com.atlassian.jira.plugins.mail.handlers.AbstractMessageHandler.handleMultipart(AbstractMessageHandler.java:683) at com.atlassian.jira.plugins.mail.handlers.AbstractMessageHandler.createAttachmentsForMessage(AbstractMessageHandler.java:652) at com.atlassian.jira.plugins.mail.handlers.CreateIssueHandler.handleMessage(CreateIssueHandler.java:274) at com.atlassian.jira.plugins.mail.handlers.CreateOrCommentHandler.handleMessage(CreateOrCommentHandler.java:133) at com.atlassian.jira.service.services.mail.MailFetcherService$1.process(MailFetcherService.java:413) at com.atlassian.jira.service.services.mail.MailFetcherService$MessageProviderImpl.getAndProcessMail(MailFetcherService.java:306) at com.atlassian.jira.service.services.mail.MailFetcherService.runImpl(MailFetcherService.java:401) at com.atlassian.jira.service.services.file.AbstractMessageHandlingService.run(AbstractMessageHandlingService.java:257) at com.atlassian.jira.plugins.mail.rest.MessageHandlersResource$1.run(MessageHandlersResource.java:183) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:439) at com.atlassian.plugin.util.ContextClassLoaderSwitchingUtil.runInContext(ContextClassLoaderSwitchingUtil.java:57) at com.atlassian.plugin.util.ContextClassLoaderSwitchingUtil.runInContext(ContextClassLoaderSwitchingUtil.java:28) at com.atlassian.jira.plugins.mail.rest.MessageHandlersResource.testHandler(MessageHandlersResource.java:169) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.jersey.spi.container.JavaMethodInvokerFactory$1.invoke(JavaMethodInvokerFactory.java:60) at com.sun.jersey.server.impl.model.method.dispatch.AbstractResourceMethodDispatchProvider$ResponseOutInvoker._dispatch(AbstractResourceMethodDispatchProvider.java:205) at com.sun.jersey.server.impl.model.method.dispatch.ResourceJavaMethodDispatcher.dispatch(ResourceJavaMethodDispatcher.java:75) at com.sun.jersey.server.impl.uri.rules.HttpMethodRule.accept(HttpMethodRule.java:288) at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147) at com.sun.jersey.server.impl.uri.rules.ResourceClassRule.accept(ResourceClassRule.java:108) at com.sun.jersey.server.impl.uri.rules.RightHandPathRule.accept(RightHandPathRule.java:147) {code}