By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
458,127 Members | 1,366 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 458,127 IT Pros & Developers. It's quick & easy.

Microsoft Patch MS04-028 for the JPG security hole causes errors on Image Control

P: n/a
I think I have a somewhat unique situation here, so I thought I should
post it for the few poor souls who run across it and try to google it
like I did.

First of all, I was getting the following error when trying to hit one
of my pages...

---------------------------------------------------------------------
Invalid URI: There is an invalid sequence in the string.
---------------------------------------------------------------------

The situation: I built an ASP.NET (Framework 1.1) application for
e-commerce. In it, I have a template column in a datagrid that
contains a standard Image control whose ImageUrl property is assigned
through inline ASP script call to a method on my codebehind page like
so...
---------------------------------------------------------------------
<ItemTemplate>
<A href='<%# GetImageUrl ( DataBinder.Eval(Container,
"DataItem.MaleImageName"), true, false) %>' target="_blank'">

<asp:Image id=imgMaleSeries Width="80px" runat="server"
ImageUrl='<%# GetImageUrl ( DataBinder.Eval(Container,
"DataItem.MaleImageName"), true, false) %>' Height="60px"
ToolTip="Click here to view larger image.">
</asp:Image>

</A>

</ItemTemplate>
---------------------------------------------------------------------

Now, what that method does is takes an Application variable loaded
from a DB table containing configuration metadata for the site, and
append that to the name of the item to be displayed to create the full
path to the image to be displayed (the client wanted to be able to
move the images around sometimes, hence the need for this approach).

Recently, the page in question began throwing errors whose stack trace
looks like this...
---------------------------------------------------------------------
at System.Uri..ctor(String uriString, Boolean dontEscape)
at System.Web.Util.UrlPath.MakeRelative(String from, String to)
at System.Web.UI.Control.ResolveClientUrl(String relativeUrl)
at System.Web.UI.WebControls.Image.AddAttributesToRen der(HtmlTextWriter
writer)
at System.Web.UI.WebControls.WebControl.RenderBeginTa g(HtmlTextWriter
writer)
at System.Web.UI.WebControls.WebControl.Render(HtmlTe xtWriter
writer)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.Control.RenderChildren(HtmlTextWrite r writer)
at System.Web.UI.WebControls.TableCell.RenderContents (HtmlTextWriter
writer)
at System.Web.UI.WebControls.WebControl.Render(HtmlTe xtWriter
writer)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.Control.RenderChildren(HtmlTextWrite r writer)
at System.Web.UI.WebControls.WebControl.RenderContent s(HtmlTextWriter
writer)
at System.Web.UI.WebControls.WebControl.Render(HtmlTe xtWriter
writer)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.WebControls.Table.RenderContents(Htm lTextWriter
writer)
at System.Web.UI.WebControls.WebControl.Render(HtmlTe xtWriter
writer)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.Control.RenderChildren(HtmlTextWrite r writer)
at System.Web.UI.WebControls.WebControl.RenderContent s(HtmlTextWriter
writer)
at System.Web.UI.WebControls.BaseDataList.Render(Html TextWriter
writer)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.Control.RenderChildren(HtmlTextWrite r writer)
at System.Web.UI.Control.Render(HtmlTextWriter writer)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.Control.RenderChildren(HtmlTextWrite r writer)
at System.Web.UI.HtmlControls.HtmlForm.RenderChildren (HtmlTextWriter
writer)
at System.Web.UI.HtmlControls.HtmlForm.Render(HtmlTex tWriter
output)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.Control.RenderChildren(HtmlTextWrite r writer)
at System.Web.UI.Control.Render(HtmlTextWriter writer)
at System.Web.UI.Control.RenderControl(HtmlTextWriter writer)
at System.Web.UI.Page.ProcessRequestMain()
---------------------------------------------------------------------

This led me to examine that codebehind method that loads the ImageUrl,
where eventually I found that the value containing the path to the
image also contained an invisible, invalid character (I think it was a
carriage return). When I questioned the client, he told me that they
had recently applied the patch MS04-028 to protect against the
vulnerability described here
(http://www.microsoft.com/technet/sec...MS04-028.mspx).

I have not confirmed with MS, but I think that after the patch was
applied, the Image control was trying to resolve the supplied URI
somehow and was failing when it found the invalid character, whereas
before this patch was applied, the Image control simply took the
string and rendered it "as is". Once we removed the invalid character
(which by the way had been there all along and hadn't caused errors
prior to the patch being applied) from the DB field the application
worked as expected, loading the appropriate images for the items on
the list.

I was just hoping that if anyone out there ran into a combination of
conditions as rare as this one probably is, they might benefit from
our experience!

Greg Christie, MCSD
Jul 21 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.