Win a copy of Fixing your Scrum this week in the Agile forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Rob Spoor
  • Liutauras Vilda
  • Jeanne Boyarsky
  • Junilu Lacar
  • Tim Cooke
Saloon Keepers:
  • Tim Holloway
  • Piet Souris
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
  • Frits Walraven
  • Himai Minh

BadExtensionException isn't handled when inserting a new post with an attachment with forbidden ext

Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

When sending a new post (either a new topic or a reply to an existing topic), attaching a file with a forbidden extension throws a BadExtensionException, which isn't handled. The user sees an error page with a Java stacktrace in the source code.

This is a bug in the class: there are two calls to attachments.preProcess(), one in editSave() and one in insertSave(). The first does a try, catch (AttachmentException e) where as the latter does a try, catch (AttachmentSizeTooBigException e), thus ignoring the BadExtensionException.

Fix is easy: change AttachmentSizeTooBigException to AttachmentException on line 1048. Tested on JForum 2.1.7.
[originally posted on by jooooooon]
Screaming fools! It's nothing more than a tiny ad:
the value of filler advertising in 2021
    Bookmark Topic Watch Topic
  • New Topic