994358 – Unhandled exception: Uploaded file fails virus scan

Bug 994358 - Unhandled exception: Uploaded file fails virus scan

Summary: Unhandled exception: Uploaded file fails virus scan

Keywords:
Status:	CLOSED UPSTREAM
Alias:	None
Product:	Zanata
Classification:	Retired
Component:	Component-Logic
Sub Component:
Version:	development
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Sean Flanigan
QA Contact:	Zanata-QA Mailling List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	994362
TreeView+	depends on / blocked

Reported:	2013-08-07 06:31 UTC by Damian Jansen
Modified:	2015-07-31 01:48 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2015-07-31 01:48:15 UTC
Embargoed:

Attachments	(Terms of Use)

Description Damian Jansen 2013-08-07 06:31:55 UTC

Description of problem:
If a user uploads a file with a virus, they should be told as such.

Version-Release number of selected component (if applicable):
Dev

How reproducible:
Easy always

Steps to Reproduce:
1. Sign in as admin/maintainer
2. Go to a project version
3. Press Source Documents
4. Press Upload document
5. Select the virus file (see Additional Info)
6. Press Upload

Actual results:
An unexpected error has occurred. Please report this problem with details of what you were attempting. 

Expected results:
Error|Warning|Failure: Mother of Glob you've uploaded a virus.

Additional info:
Test "Virus" files can be downloaded from http://www.eicar.org/85-0-Download.html

16:26:00,164 ERROR [org.jboss.seam.exception.Exceptions] (http-/127.0.0.1:8080-1) handled and logged exception: javax.servlet.ServletException: org.zanata.exception.VirusDetectedException: clamdscan detected virus: /tmp/zanatafiles/documents/208.txt: Eicar-Test-Signature FOUND

	at javax.faces.webapp.FacesServlet.service(FacesServlet.java:606) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:295) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at net.bull.javamelody.MonitoringFilter.doFilter(MonitoringFilter.java:163) [javamelody-core-1.41.0.jar:1.41.0]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176) [urlrewritefilter-4.0.4.jar:4.0.4]
	at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145) [urlrewritefilter-4.0.4.jar:4.0.4]
	at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92) [urlrewritefilter-4.0.4.jar:4.0.4]
	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:389) [urlrewritefilter-4.0.4.jar:4.0.4]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:86) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.zanata.seam.interceptor.MonitoringWrapper.doFilter(MonitoringWrapper.java:70) [classes:]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.zanata.servlet.GWTCacheControlFilter.doFilter(GWTCacheControlFilter.java:63) [classes:]
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:246) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:214) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:149) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.2.0.Final-redhat-8.jar:7.2.0.Final-redhat-8]
	at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.2.0.Final-redhat-8.jar:7.2.0.Final-redhat-8]
	at org.jboss.security.negotiation.NegotiationAuthenticator$WrapperValve.invoke(NegotiationAuthenticator.java:336) [jboss-negotiation-common-2.2.5.Final-redhat-1.jar:2.2.5.Final-redhat-1]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:389) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:169) [jboss-as-web-7.2.0.Final-redhat-8.jar:7.2.0.Final-redhat-8]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:145) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:97) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:102) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:336) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:653) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:920) [jbossweb-7.2.0.Final-redhat-1.jar:7.2.0.Final-redhat-1]
	at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_37]
Caused by: javax.faces.el.EvaluationException: org.zanata.exception.VirusDetectedException: clamdscan detected virus: /tmp/zanatafiles/documents/208.txt: Eicar-Test-Signature FOUND

	at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:101) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:101) [jsf-impl-2.1.19-redhat-1.jar:2.1.19-redhat-1]
	at net.bull.javamelody.JsfActionListener.processAction(JsfActionListener.java:65) [javamelody-core-1.41.0.jar:1.41.0]
	at javax.faces.component.UICommand.broadcast(UICommand.java:315) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:786) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1251) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:81) [jsf-impl-2.1.19-redhat-1.jar:2.1.19-redhat-1]
	at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101) [jsf-impl-2.1.19-redhat-1.jar:2.1.19-redhat-1]
	at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) [jsf-impl-2.1.19-redhat-1.jar:2.1.19-redhat-1]
	at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	... 42 more
Caused by: org.zanata.exception.VirusDetectedException: clamdscan detected virus: /tmp/zanatafiles/documents/208.txt: Eicar-Test-Signature FOUND

	at org.zanata.rest.service.VirusScanner.handleResult(VirusScanner.java:155) [classes:]
	at org.zanata.rest.service.VirusScanner.doScan(VirusScanner.java:124) [classes:]
	at org.zanata.rest.service.VirusScanner.scan(VirusScanner.java:110) [classes:]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_37]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_37]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_37]
	at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_37]
	at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:186) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:104) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.zanata.rest.service.VirusScanner_$$_javassist_seam_53.scan(VirusScanner_$$_javassist_seam_53.java) [classes:]
	at org.zanata.file.FileSystemPersistService.persistRawDocumentContentFromFile(FileSystemPersistService.java:81) [classes:]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_37]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_37]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_37]
	at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_37]
	at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:77) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:186) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:104) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.zanata.file.FileSystemPersistService_$$_javassist_seam_48.persistRawDocumentContentFromFile(FileSystemPersistService_$$_javassist_seam_48.java) [classes:]
	at org.zanata.action.ProjectIterationFilesAction.uploadAdapterFile(ProjectIterationFilesAction.java:421) [classes:]
	at org.zanata.action.ProjectIterationFilesAction.uploadDocumentFile(ProjectIterationFilesAction.java:264) [classes:]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_37]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_37]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_37]
	at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_37]
	at org.jboss.seam.util.Reflections.invoke(Reflections.java:22) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:32) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.zanata.seam.interceptor.CachedMethodResultInterceptor.aroundInvoke(CachedMethodResultInterceptor.java:94) [classes:]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:28) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:77) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:44) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.security.SecurityInterceptor.aroundInvoke(SecurityInterceptor.java:163) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.core.SynchronizationInterceptor.aroundInvoke(SynchronizationInterceptor.java:35) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:186) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:104) [jboss-seam-2.3.0.Final.jar:2.3.0.Final]
	at org.zanata.action.ProjectIterationFilesAction_$$_javassist_seam_46.uploadDocumentFile(ProjectIterationFilesAction_$$_javassist_seam_46.java) [classes:]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_37]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_37]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_37]
	at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_37]
	at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:335) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:348) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.parser.AstValue.invoke(AstValue.java:96) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) [jboss-el-1.0_02.CR6.jar:1.0_02.CR6]
	at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105) [jsf-impl-2.1.19-redhat-1.jar:2.1.19-redhat-1]
	at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87) [jboss-jsf-api_2.1_spec-2.1.19.1.Final-redhat-1.jar:2.1.19.1.Final-redhat-1]
	... 51 more

Comment 1 Zanata Migrator 2015-07-31 01:48:15 UTC

Migrated; check JIRA for bug status: http://zanata.atlassian.net/browse/ZNTA-548

Note You need to log in before you can comment on or make changes to this bug.