Closed Bug 1012672 Opened 11 years ago Closed 10 years ago

Make sure symbol uploads do not allow qcom-private files

Categories

(Socorro :: Webapp, task)

task
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: kairo, Assigned: peterbe)

References

Details

In bug 916940, we monitored post-facto monitoring for qcom-private symbols, with the new architecture we just should deny symbol packages that contain any of those and inform the uploader about that. peterbe, I hope it's OK to assign this to you right away.
Ted, See above. As you've been my guide and mentor on the symbols piece (me being just the web/api guy), can you help me with this bug. Does it mean I should read the contents of the zip and if it contains a certain filename I should reject the upload?
Flags: needinfo?(ted)
Blocks: 977211
I'm going to punt this to bsmedberg, but I *believe* that's correct. It may be slightly more involved than that, bsmedberg should know.
Flags: needinfo?(ted) → needinfo?(benjamin)
If the symbol contents contain the string "qcom/proprietary" they it should be rejected.
Flags: needinfo?(benjamin)
This is in the symbol files themselves? That makes it slightly more involved, as I guessed. You need to scan the contents of every file within the zip file whose name ends with .sym and look for that string.
(In reply to Ted Mielczarek [:ted.mielczarek] from comment #4) > This is in the symbol files themselves? That makes it slightly more > involved, as I guessed. You need to scan the contents of every file within > the zip file whose name ends with .sym and look for that string. Not a problem. I already scan the content as a pseudo test to see if it's a valid archive file.
Status: NEW → ASSIGNED
Commits pushed to master at https://github.com/mozilla/socorro https://github.com/mozilla/socorro/commit/235d29acdb4eaa981af93dc996778a59c15bbb8e fixes bug 1012672 - Make sure symbol uploads do not allow qcom-private files https://github.com/mozilla/socorro/commit/c7d7346b16e2d07fad48ea22833d01876abbbc69 Merge pull request #2101 from peterbe/bug-1012672-make-sure-symbol-uploads-do-not-allow-qcom-private-files fixes bug 1012672 - Make sure symbol uploads do not allow qcom-private files
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → 89
You need to log in before you can comment on or make changes to this bug.