Closed
Bug 1124716
Opened 10 years ago
Closed 10 years ago
regression caused by bug 1090275 to whitelist webservice methods causes test failures with t/012throwables.t
Categories
(Bugzilla :: WebService, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 4.0
People
(Reporter: dkl, Assigned: dkl)
References
Details
(Keywords: regression)
Attachments
(1 file, 2 obsolete files)
|
656 bytes,
patch
|
dylan
:
review+
|
Details | Diff | Splinter Review |
the patch committed (and released) from bug 1090275 caused a regression. The change doesn't pass tests, and burned all the trees:
# Failed test 'Bugzilla/WebService/Server/JSONRPC.pm has 1 error(s):
# user error tag 'unknown_method' is used at line(s) (410) but not defined for language(s): any'
# at t/012throwables.t line 202.
# Looks like you failed 1 test of 217.
Moral of the story: Never release before Travis has finished all runs after patches are committed :( Just wish Travis was faster.
patch coming
dkl
|
Assignee | |
Updated•10 years ago
|
Keywords: relnote → regression
Summary: WebServices modules should maintain a whitelist of methods that are allowed instead of allowing access to any function imported into its namespace → regression caused by bug 1090275 to whitelist webservice methods causes test failures with t/012throwables.t
|
|
Assignee | |
Comment 1•10 years ago
|
||
Attachment #8553162 -
Flags: review?(dylan)
|
||
Comment 2•10 years ago
|
||
Comment on attachment 8553162 [details] [diff] [review]
Patch for all versions v.1
Review of attachment 8553162 [details] [diff] [review]:
-----------------------------------------------------------------
I think this is the wrong patch?
r-
Attachment #8553162 -
Flags: review?(dylan) → review-
|
|
Assignee | |
Comment 3•10 years ago
|
||
Correct patch. I blame the medication :)
Attachment #8553162 -
Attachment is obsolete: true
Attachment #8553168 -
Flags: review?(dylan)
|
|
||
Comment 4•10 years ago
|
||
Comment on attachment 8553168 [details] [diff] [review]
Patch for all versions v.1
Review of attachment 8553168 [details] [diff] [review]:
-----------------------------------------------------------------
For some reason, in JSONRPC the method name method name... err, that is, bz_method_name is prefixed with an _. This will still result in a 500 error.
::: Bugzilla/WebService/Server/JSONRPC.pm
@@ +390,4 @@
>
> # Only allowed methods to be used from our whitelist
> if (none { $_ eq $method} $pkg->PUBLIC_METHODS) {
> + ThrowCodeError('unknown_method', { method => $self->bz_method_name });
note: wrong method name, needs to be _bz_method_name().
Attachment #8553168 -
Flags: review?(dylan) → review-
|
|
Assignee | |
Comment 5•10 years ago
|
||
Ugh. darn medication again.
Attachment #8553168 -
Attachment is obsolete: true
Attachment #8553176 -
Flags: review?(dylan)
|
|
||
Comment 6•10 years ago
|
||
Comment on attachment 8553176 [details] [diff] [review]
1124716_2.patch
Review of attachment 8553176 [details] [diff] [review]:
-----------------------------------------------------------------
r=dylan
a proper error message for JSONRPC!
Attachment #8553176 -
Flags: review?(dylan) → review+
|
|
Assignee | |
Updated•10 years ago
|
Flags: blocking5.0?
Flags: blocking4.4.8?
Flags: blocking4.2.13?
Flags: blocking4.0.17?
Flags: approval?
Flags: approval5.0?
Flags: approval4.4?
Flags: approval4.2?
Flags: approval4.0?
there's no need to request blocking & approval at the same time for the same branch.
a=glob, please release this asap.
Flags: blocking5.0?
Flags: blocking4.4.8?
Flags: blocking4.4.8+
Flags: blocking4.2.13?
Flags: blocking4.0.17?
Flags: approval?
Flags: approval5.0?
Flags: approval5.0+
Flags: approval4.4?
Flags: approval4.4+
Flags: approval4.2?
Flags: approval4.0?
Flags: approval4.0+
Flags: approval+
|
||
Updated•10 years ago
|
Flags: blocking4.4.8+ → approval4.2?
|
|
Assignee | |
Updated•10 years ago
|
Flags: approval4.2? → approval4.2+
|
|
Assignee | |
Comment 8•10 years ago
|
||
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
bb16842..b8575ad master -> master
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
ce8c9ca..cce0385 5.0 -> 5.0
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
25c0962..6d5669f 4.4 -> 4.4
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
7c58944..ecf2254 4.2 -> 4.2
To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
c4dbb67..2ba0823 4.0 -> 4.0
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•