Weird ColdFusion 2016 error

Report · Mar 18, 2016

I installed CF 2016 last night and will randomly start getting "java.lang.NullPointerException" on every page. Also, I'm getting CF errors on pages when I don't include the "www." in the URL. For instance, if you go to

http://wrestlinginc.com/temp/test2.cfm

You will get an error, details are below. It's the exact same file as if you add the "www.", which comes up fine:

http://www.wrestlinginc.com/temp/test2.cfm

Here is the error from the error log:

"Error","ajp-nio-8016-exec-4","03/18/16","14:45:49","www_wrestlinginc_prod","'' The specific sequence of files included or processed is: XXXXXXXXXXXXXXXXXX\test2.cfm'' "

java.lang.NullPointerException

Any help would be greatly appreciated. I'm getting close to going back to CF10

Report · Mar 18, 2016

Could it be an issue with "Cache web server paths"? What is that set to in CF Administrator (under the Caching section)?

Report · Mar 18, 2016

@majorsaab21

Could you please post log entries from coldfusion-error and exception logs for our investigation?

Path: ColdFusion2016\cfusion\logs

Thanks,

Vikram

Report · Mar 18, 2016

Odd, so when I turn sessionManagement off in Application.cfc, it works fine. Does that make sense? Here is the full error from the exception log:

"Error","ajp-nio-8016-exec-6","03/18/16","14:51:10","prod","'' The specific sequence of files included or processed is: XXXXXXXXXXXXXXXXX\test2.cfm'' "

java.lang.NullPointerException

at coldfusion.runtime.AppHelper.isValidCFID(AppHelper.java:463)

at coldfusion.runtime.AppHelper.getClientIDs(AppHelper.java:299)

at coldfusion.runtime.AppHelper.handleClientIDs(AppHelper.java:204)

at coldfusion.runtime.AppHelper.ValidateClientAndSession(AppHelper.java:1195)

at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:408)

at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:43)

at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40)

at coldfusion.filter.PathFilter.invoke(PathFilter.java:142)

at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:94)

at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:28)

at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38)

at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:60)

at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38)

at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22)

at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62)

at coldfusion.CfmServlet.service(CfmServlet.java:219)

at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:291)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42)

at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:239)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:142)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:532)

at org.apache.coyote.ajp.AbstractAjpProcessor.process(AbstractAjpProcessor.java:874)

at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:673)

at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1500)

at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1456)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)

at java.lang.Thread.run(Thread.java:745)

Report · Mar 21, 2016

Have you tried creating a new test page and check if you see the same errors with sessionManagement enabled. You could also check "Cache web server paths" under CF admin as suggested by Carl.

Report · Aug 11, 2016

majorsaab21 wrote:
Odd, so when I turn sessionManagement off in Application.cfc, it works fine. Does that make sense? Here is the full error from the exception log:
"Error","ajp-nio-8016-exec-6","03/18/16","14:51:10","prod","'' The specific sequence of files included or processed is: XXXXXXXXXXXXXXXXX\test2.cfm'' "
java.lang.NullPointerException
...

Could you share your Application.cfc code with us?

Report · Aug 16, 2016

no Session -> no cookie --> no bug --> no nullpointer exception

The best way to check this, is an lamp/wamp environment with CF9 and CF2016(ACF12) on tomcat8 on port 8080 and 8180. Then change the rewriting (apache/nginx) from CF9(8080) to CF2016(8180).
Then you'll see whats happen. Kill cookie on CF2016 then it will be al fine, but how do you tell all your clients to kill their cookie.

The Application.cfc is not the reason for the buggy sessionrotate/cookie handling.

Report · Jul 05, 2016

The problem is the client CFID value. In CF2016 it a combination of numbers and letters. In previous CF-Versions it seams to be only a numeric value (in CF9 it is only a number like : '10900'). When it is only a number and not a combination of numbers and letters, the server comes up with a nullPointer exception '

java.lang.NullPointerException

at coldfusion.runtime.AppHelper.isValidCFID.......... bla

'

When you delete your cookie everything is all right, but this is not a solution for your website/application visitors.

Reset cookie is impossible (no valid session exists)
Set cookie is impossible <cfcookie name="CFID" expires="now"> <cfcookie name="CFToken" expires="now"> no access to cookie possible.

No solution found. I'll contact the support soon.

Report · Jul 08, 2016

I have found this to be the case as well. Deleting the cookie clears the error but obviously we can't have every visitor do this. Please post back if you get anywhere with support.

Report · Jul 19, 2016

I'll contact the support team. I'll inform you, if we have an solution.

regards

Report · Aug 02, 2016

Has anyone heard back from support on this issue? We are running into it as well. It clears up when we delete the CFID and CFTOKEN session variables, but obviously we can't advise our clients to do that. I'm just wondering if anyone has heard back from Adobe on this issue.

Thanks!

Report · Aug 10, 2016

Hi, they informed me that the issue requires a Support Plan (Platinum Support) to be purchased, after which they would be able to assist me with a solution. This is not acceptable in my view, because this is not an error of an application. It is an Server issue. You have no chance to avoid this error. The only chance is to disable the cookie's/session management. This could not the solution for premium purchase software. We'll wait for an answer again.

Report · Aug 10, 2016

Does Adobe ever wonder why ColdFusion is losing popularity? Does Adobe care? Did ColdFusion spoil Adobe's plans to create a server-side scripting solution, or something?

What's going on, Adobe? You release CF12 (aka CF2016), and from what I've been reading, so far, there are a large number of bugs and other issues that need to be addressed. But gotta make the customer pay for it, right? I mean, we can't have the shareholders lose money, right?

Every day, Lucee looks better and better.

^_^

Report · Aug 19, 2016

Wait until the next release --->Bug#4173657 - setDomainCookies causes NullPointerException on domain change

Thanks Adobe