PI94763: Fileupload causes NullPointerException on getHeader() call

Download

Abstract

Fileupload causes NullPointerException on getHeader() call

Download Description

NOTE: Interim Fix PI90804 had a regression problem The fixes for PI90804 have been replaced for Liberty only with interim fixes PI94763. For more information, refer to the security bulletin http://www-01.ibm.com/support/docview.wss?uid=swg22011428

PI94763 resolves the following problem:

ERROR DESCRIPTION:
During a servlet request, the customer could encounter a
Null Pointer Exception when accessing the getHeader() call
because a previous call using the commons file upload
library cause a null header to be produced.

LOCAL FIX:

PROBLEM SUMMARY

USERS AFFECTED:
All users of IBM WebSphere Application
Server Liberty

PROBLEM DESCRIPTION:
NullPointerException when servlet calls
getHeader()

RECOMMENDATION:
None

During a servlet request, the customer could encounter a
NullPointerException when calling getHeader() if a previous
servlet request handled a file upload and contained an embedded
FileItem.

An example stackdump of the NPE:
Caused by: java.lang.NullPointerException
at
com.ibm.ws.webcontainer.srt.SRTServletRequestPart.getHeader(SRTS
ervletRequestPart.java:90)
at
org.springframework.web.multipart.support.StandardMultipartHttpS
ervletRequest.parseRequest(StandardMultipartHttpServletRequest.j
ava:97)
... 72 more

PROBLEM CONCLUSION:
A class in the commons fileupload library was recently patched
to address another issue, (APAR PI90804) but was missing an implementing
interface, which caused this regression. This fix adds in the
interface, which resolves the issue.

The fix for this APAR is currently targeted for inclusion in fix
pack 18.0.0.1. Please refer to the Recommended Updates page for
delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

None

Installation Instructions

Please review the readme.txt for detailed installation instructions.

[{"INLabel":"17.0.0.3 - 17.0.0.4 Readme (non-archive)","INLang":"US English","INSize":"3574","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PI94763/17.0.0.4/readme.txt"},{"INLabel":"17.0.0.3 Readme (archive)","INLang":"US English","INSize":"3876","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/wlparchive/support/fixes/PI94763/17.0.0.3/readme.txt"},{"INLabel":"17.0.0.4 Readme (archive)","INLang":"US English","INSize":"3888","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/wlparchive/support/fixes/PI94763/17.0.0.4/readme.txt"}]

          [{"DNLabel":"17.0.0.3-WS-WLP-IFPI94763","DNDate":"03-16-2018","DNLang":"US English","DNSize":"1084226","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Liberty&release=All&platform=All&function=fixId&fixids=17.0.0.3-WS-WLP-IFPI94763&includeSupersedes=0","DNURL_FTP":" ","DDURL":null},{"DNLabel":"17.0.0.4-WS-WLP-IFPI94763","DNDate":"03-16-2018","DNLang":"US English","DNSize":"1179861","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Liberty&release=All&platform=All&function=fixId&fixids=17.0.0.4-WS-WLP-IFPI94763&includeSupersedes=0","DNURL_FTP":" ","DDURL":null},{"DNLabel":"17003-wlp-archive-IFPI94763","DNDate":"15 Mar 2018","DNLang":"US English","DNSize":"1006639","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FWebSphere&product=ibm/WebSphere/WebSphere+Liberty&release=All&platform=All&function=fixId&fixids=17003-wlp-archive-IFPI94763&includeSupersedes=0","DNURL_FTP":" ","DDURL":null},{"DNLabel":"17004-wlp-archive-IFPI94763","DNDate":"15 Mar 2018","DNLang":"US English","DNSize":"1106033","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%2FWebSphere&product=ibm/WebSphere/WebSphere+Liberty&release=All&platform=All&function=fixId&fixids=17004-wlp-archive-IFPI94763&includeSupersedes=0","DNURL_FTP":" ","DDURL":null}]
          

Technical Support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the WebSphere Application Server support web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV (U.S. only).

[{"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"General","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF022","label":"OS X"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"17.0.0.3;17.0.0.4","Edition":"Liberty","Line of Business":{"code":"LOB45","label":"Automation"}}]

Problems (APARS) fixed
PI94763

Was this topic helpful?

Document Information

Modified date:
15 June 2018

UID

swg24044654

Tips