Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Confluence vulnerability Edited

Hello,
actually we are solving a problem with our production Confluence 7.4.6. During the regular operation, for some reasons, Confluence felt down and did not start anymore. We did a restore the application directory (not the data directory) from backup and it helped to run Confluence again. During the analysis we realized that two core plugin files (atlassian-plugins-webfragment-api-5.0.0.jar and atlassian-plugins-webresource-4.1.3.jar) were corrupted - their size was 0 bytes with the date change which reflects that operational break.
Now we investigate possible reasons and you could help us with this - please, do you have any similar issue in your knowledge-base, related to zero-sized core files during the operation? Regardless it could be some kind of vulnerability or bug or some specific situation on OS. There were no specific log messages related to this file change, except the stack-trace when the break occurred (attached logs from confluence-start which were the same, the original log rotated out quite fast ;)).
I have also tried to search on web what could be the reason but I was not successful.
We are still investigating the system security and confidence but your knowledge will help us a lot.
Thank you very much.

OS: CentOS 8
DB: PostgreSQL 10.14
Confluence: 7.4.6
Disk capacity on application dir: more than 150 GB free
Disk capacity on data dir: more than 180 GB free

1 answer

0 votes

This is not something the application could do.  The only time I can imagine the file sizes being set to zero are if you're trying a (re)install and run out of disk space part way through.  Or maybe if your backups ran out of space so they recorded some zero length files.

I might accuse anti-virus too - if they mis-detect a virus, they are often supposed to quarantine files, moving them to another place where they can be secured.  I don't remember any that leave a zero length placeholder there when they do that, but I guess it is possible.

Otherwiae, you'd need to be looking at humans deleting or writing zero length files.

I'm afraid you're going to need to restore those files, either by checking that they are right in the backups and extracting those, or by doing a clean installation.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Confluence

Announcing Team Calendars in Confluence Data Center

Hi Community! We're thrilled to share that Team Calendars for Confluence is now a built-in feature for Confluence Data Center releases 7.11 and beyond.  A long time favorite,  Team Cale...

125 views 0 3
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you