Closed
Bug 1176033
Opened 9 years ago
Closed 9 years ago
When mozregression provides a "resume" command, it needs to quote and/or escape special characters in the user-provided -a/--arg parameter, to handle URLs with "&" and other special characters
Categories
(Testing :: mozregression, defect)
Testing
mozregression
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dholbert, Assigned: parkouss)
References
Details
Attachments
(1 file)
STR: 1. Run mozregression with an "-a" arg, providing a URL that has a & in it. e.g.: mozregression -a "https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=ceba6484abda" --good=2015-05-01 --bad=2015-06-15 Note that the quotes around the URL are very important here. They prevent my shell from interpreting the "&" as meaning "run in the background, and then run this command". (2) Interrupt it while it's downloading a build. (3) Inspect its "To resume" instructions ACTUAL RESULTS: 0:03.19 LOG: Dummy-14 Bisector INFO To resume, run: 0:03.19 LOG: Dummy-14 Bisector INFO mozregression --good=2015-05-01 --bad=2015-06-15 --app=firefox --arg=https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=ceba6484abda --bits=64 Note that it's missing quotes around the URL. EXPECTED RESULTS: Quotes around the "--arg" value. NOTE: If I actually run this command, I get the following output: [dholbert@indigo:~]$ mozregression --good=2015-05-01 --bad=2015-06-15 --app=firefox --arg=https://treeherder.mozilla.org/#/jobs?repo=mozilla-inbound&revision=ceba6484abda --bits=64 [1] 7987 --bits=64: command not found [dholbert@indigo:~]$ 0:01.42 LOG: MainThread Bisector INFO Downloading build from: http://ftp.mozilla.org/pub/mozilla.org/firefox/nightly/2015/05/2015-05-24-03-02-34-mozilla-central/firefox-41.0a1.en-US.linux-x86_64.tar.bz2 ===== Downloaded 100% ===== "[1] 7987" is my shell telling me that it's backgrounded a process (due to the "&". "--bits=64" is my shell telling me it *tried to run '--bits=64' as its own separate command". (!!)
Reporter | ||
Comment 1•9 years ago
|
||
(Additionally, any quotes that happen to be inside of the URL probably need to be escaped, I think.)
Summary: When mozregression provides a "resume" command, it needs to be careful about URLs with "&" in them → When mozregression provides a "resume" command, should include quotes around the value, to handle URLs with "&" in them
Reporter | ||
Comment 2•9 years ago
|
||
More contrived, but also worth worrying about: dollar signs in the URL. Those have a special meaning unless they're escaped (maybe even inside quotes?) And other symbols like "`" and "#", too. EXAMPLE WITH DOLLAR SIGNS: if you run this command: mozregression --good=2015-05-01 -a=https://mozilla.org/\$USER it pops up Firefox instances, loading the URL "https://www.mozilla.org/en-US/$USER" as you'd expect. But if you interrupt that command, the suggested resume command is: mozregression --good=2015-05-01 --bad=2015-06-18 --app=firefox --arg=https://mozilla.org/$USER --bits=64 And *that* command will pop up Firefox instances that load https://www.mozilla.org/en-US/dholbert (or whatever your username is). Depending on the particular $FOO environmental variable, this may end up leaking private data or do something very unexpected.
Reporter | ||
Updated•9 years ago
|
Summary: When mozregression provides a "resume" command, should include quotes around the value, to handle URLs with "&" in them → When mozregression provides a "resume" command, it needs to quote and/or escape special characters in the user-provided -a/--arg parameter, to handle URLs with "&" and other special characters
Reporter | ||
Comment 3•9 years ago
|
||
I have mozregression version 0.36 (according to mozregression --version), which is the latest that pip will give me.
Assignee | ||
Comment 4•9 years ago
|
||
Thanks Daniel for the bug report! It is clearly missing some url escaping here. We could fix it properly. Also, I remember I opened a bug some time ago (bug 1138145) because it is not the first time the resume info is broken; So I would like your opinion here: does it matter to you if we only print the --good/--bad or --good-rev/--bad-rev options, or do you think it is better to print the whole options the user entered ? I'm in favor of just saying something like: Resume info: run your last command using --good=2015-06-20 --bad 2015-06-23 (instead of all options) To me, it is simple enough. But if there is any interest to somebody, we can do otherwise. What do you think ?
Assignee | ||
Updated•9 years ago
|
Flags: needinfo?(dholbert)
Reporter | ||
Comment 5•9 years ago
|
||
Sure, I'd be happy having it just omit the "--arg" option (since it's hard to get the escaping right in all edge-cases). I think you may need more than just --good/--bad in general, e.g. if I started bisecting Nightlies and then mozregression gets interrupted while it's progressed to bisecting inbound builds. (at which point it needs some more nuanced args to resume properly I think) But yeah, that basically sounds good.
Flags: needinfo?(dholbert)
Assignee | ||
Comment 6•9 years ago
|
||
Yeah, I was thinking --good/--bad, and in case we started inbound (or switched to inbound) then print --good-rev/--bad-rev. Will, a preference here ?
Flags: needinfo?(wlachance)
See Also: → 1138145
Comment 7•9 years ago
|
||
Ideally we would print the entire thing so the user can cut & paste easily, but using a subset is better than printing a command that will fail. I don't think fixing the printout to escape stuff should be that hard?
Flags: needinfo?(wlachance)
Assignee | ||
Comment 8•9 years ago
|
||
agreed - let fix this properly. :)
Assignee | ||
Comment 9•9 years ago
|
||
Comment 10•9 years ago
|
||
Comment on attachment 8624520 [details] [review] fix resume info escaping LGTM!
Attachment #8624520 -
Flags: review?(wlachance) → review+
Assignee | ||
Comment 11•9 years ago
|
||
Thanks Will! I merged this in: https://github.com/mozilla/mozregression/commit/ac551d09b47c89c2efb917f75cd062e9ea972ee2 I think we could do a release soon - I'll say next week. Also, a gui release would be great, there are some great things added recently!
Status: ASSIGNED → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•