Hi, we ran into an issue this week with running out of disk space on our server. I found 25GB of temp files in C:\lucee\tomcat\temp. The files are named like
I downloaded and installed a fresh Lucee install and was able to reproduce the issue there. Any time a file is uploaded larger than 1024kb, an orphaned .tmp file gets left in the above mentioned directory. I think this will happen anytime the entire post is larger than 1024kb, I don’t think it’s specifically related to file uploads. I say that because when I look at the contents of the .tmp file, it appears to be the entire post (containing the ------WebKitFormBoundaryxg5wkakqtDQYZgAH etc.).
I wasn’t sure if this was a Tomcat issue or a Lucee issue, I could not turn up anything when googling this issue related to Tomcat. I believe the issue is in this file “HTTPServletRequestWrap.java”, which had a major change related to these .tmp files 17 months ago: LDEV-2087 - do not depend on "getContentLength" for file upload mode … · lucee/Lucee@e605da9 · GitHub
[LDEV-2087] - Lucee
Not only is this a maintenance/disk space issue, but I believe it has security implications as well. It leaves data sitting around in clear text that perhaps should not be.