Closed Bug 242405 Opened 19 years ago Closed 19 years ago

Turning on QA contact causes taint error in Bugzilla/Series.pm when adding a component

Categories

(Bugzilla :: Creating/Changing Bugs, defect)

2.17.7
defect
Not set
major

RESOLVED FIXED
Bugzilla 2.18

People

(Reporter: shengh, Assigned: glob)

Details

Attachments

(1 file, 2 obsolete files)

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7b) Gecko/20040316
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7b) Gecko/20040316

I had my bugzilla upgraded from 2.16.2. Turned on the QA contact, and now I see
"missing" in all of the components, which is of course OK as I didn't have that
before.

Then I added a new component to the list, however I received the following error:

Software error:

Insecure dependency in parameter 1 of DBI::db=HASH(0x860957c)->do method call
while running with -T switch at Bugzilla/Series.pm line 184.

For help, please send mail to the webmaster (vcad_webmaster@cadence.com), giving
this error message and the time and date of the error. 

However, as I look into the database, the new component is added to the
component list.

Then I tried to add a new bug to the new component; oops, it failed, as Bugzilla is
suffering from an "internal error" and cannot proceed further. As far as I can tell,
edit/add bugs are still fine for old components; just those components created
after the upgrade are tied to this problem.

Then if I turn the QA contact off in the edit param page, all goes fine:
edit/add of either old existing components or newly created components
proceeds as normal.



Reproducible: Always
What version did you upgrade *to*?

The problem you're having with the bugs sounds to me like a side-effect of the
error you got when adding the component.
Summary: Turned on QA contact cause submit bug failed → Turning on QA contact causes taint error in Bugzilla/Series.pm when adding a component
question: is the Bugzilla webserver running Windows?  I don't believe
editcomponents.cgi is supposed to be running in taint mode yet...
Blocks: 141006
Hi Miller,

I upgraded to 2.17.7 and running on Linux. 
I cannot make this happen
Maybe it is not a bug in 2.17.7 itself; instead something needs to be found out
between 2.16.2 ~ 2.17.7?

No longer blocks: 141006
I still experience this problem :-(

Now the system is turned to QA off all the time.
If I add a new component to an existing product, bugzilla reports the error as
before; however, it does add the new component to the database. I can see the new
component in the component list when I try to add a bug.

However, if I really go to add a new bug __right after__ I create the new
component, I will receive another error message, something like "illegal
component list" (sorry, my colleague found the problem but didn't save the
message). Then the second time, if I try to add the other bug to this component,
it passes and everything seems correctly added!! Mystery!

I will try again to reproduce this problem; please let me know what other
information/data/logs you guys will need.

cheers.
Okay, I just reproduced the scenario myself and here is the log I saved from the mysql
log file and the Bugzilla screen output.


Adding a new component named "Vescs" under product "Skill packages":
*********************** log from screen ***************

Adding new component of Skill packages
	  	
Software error:

Insecure dependency in parameter 1 of DBI::db=HASH(0x86093fc)->do method call
while running with -T switch at Bugzilla/Series.pm line 184.

For help, please send mail to the webmaster (vcad_webmaster@cadence.com), giving
this error message and the time and date of the error. 


******************* log from mysql **************************


040602 15:12:58	  44462 Connect     bugs@172.29.139.182 on bugs
		  44462 Query       SELECT profiles.userid, profiles.disabledtext FROM
logincookies, profiles WHERE logincookies.cookie='201' AND  
logincookies.userid=profiles.userid AND   logincookies.userid='1' AND  
(logincookies.ipaddr='172.29.139.136' OR logincookies.ipaddr='172.29.139.136')
		  44462 Query       UPDATE logincookies SET lastused=NULL WHERE cookie='201'
		  44462 Query       SELECT userid,
                                                       login_name,
                                                       realname,
                                                       mybugslink
                                                  FROM profiles
                                                 WHERE userid='1'
		  44462 Query       SELECT 1
                                           FROM profiles, groups
                                          WHERE userid='1'
                                            AND profiles.refreshed_when <=
                                                  groups.last_changed
		  44462 Query       SELECT DISTINCT groups.name, group_id
                                              FROM groups, user_group_map
                                             WHERE groups.id=user_group_map.group_id
                                               AND user_id='1'
                                               AND isbless=0
		  44462 Query       SELECT name, query, linkinfooter
                                  FROM namedqueries
                                 WHERE userid='1'
                              ORDER BY UPPER(name)
		  44462 Query       SELECT name
             FROM products
             WHERE name='Skill packages'
		  44462 Query       SELECT id FROM products WHERE name = 'Skill packages'
		  44462 Query       SELECT components.name
             FROM components, products
             WHERE products.id = components.product_id
              AND products.name='Skill packages' AND components.name='Vescs'
		  44462 Query       select userid from profiles where login_name =
'shengh@cadence.com'
		  44462 Query       select userid from profiles where login_name = ''
		  44462 Query       INSERT INTO components ( product_id, name, description,
initialowner, initialqacontact  ) VALUES ( 11,'Vescs','Vcad enhanced schematic
check&save','1','0')
		  44462 Query       LOCK TABLES series_categories WRITE, series WRITE,
user_series_map WRITE
		  44462 Query       SELECT category_id from series_categories WHERE name
='Skill packages'
		  44462 Query       SELECT category_id from series_categories WHERE name ='Vescs'
		  44462 Query       INSERT INTO series_categories (name) VALUES ('Vescs')
		  44462 Query       SELECT category_id from series_categories WHERE name ='Vescs'
		  44462 Quit      
		  
***************** log end for add new component ************************
Tried to add a bug for the component I just added (Vescs). It produced the
following error message in the browser:

***************** log from screen **********************


editcomponents.cgi: Insecure dependency in parameter 1 of
DBI::db=HASH(0x86093fc)->do method call while running with -T switch at
Bugzilla/Series.pm line 184.



Internal Error
	  	

Bugzilla has suffered an internal error. Please save this page and send it to
shengh@cadence.com with details of what you were doing at the time this message
appeared.

URL: http://portcullis/bugzilla/post_bug.cgi
A legal Component was not set. 







I tried the above twice, but both attempts failed to add a new bug with this new component.
So then I gave up on this session, clicked on the add new bug link in the
foot banner, tried again to redraw the page, filled in the form for the same thing
and hit the commit button.......processed and added! No error, no warning...and here
is the log from mysql for this action:


It looks to me that something is not finished during the creation of the new
component, and was finished at a later stage. Maybe some kind of "lock", such that
this lock is not being removed in the correct place but got removed later.
Right after I created the new component, although it told me there was an
"internal error", I could see the new component had been added to the database,
it must be that something else is not set/unset.

cheers.

Version: unspecified → 2.17.7
Confirmed by visual inspection of the code.  The product and component being
used as the category and subcategory coming out of new component creation is
never getting detainted.  The failure to be able to create bugs in the new
component is only temporary until versioncache rebuilds.  The unlinking of
data/versioncache happens after the series is created, so when it crashes during
series creation, the cache doesn't get rebuilt until the next time it would have
anyway.

By definition, taint errors are 2.18 blockers.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: blocking2.18+
Target Milestone: --- → Bugzilla 2.18
Assignee: myk → bugzilla
Status: NEW → ASSIGNED
Attached patch detaint series insert (obsolete)
only $self->{'name'} needs to be detainted.

it's a shame that $dbh->quote doesn't detaint automatically like SqlQuote does.
Attachment #150931 - Flags: review?
someone want to review this for me please?
(In reply to comment #12)
> someone want to review this for me please?

I can confirm that this does fix the problem, but I haven't checked that the detaint is safe to do, or the 
only one necessary. (Sorry that isn't too helpful)

Is the title of the bug correct? I'm sure I had failures before I enabled QA contacts...

Comment on attachment 150931
detaint series insert

Series.pm should never be getting tainted data to begin with unless it's
getting it from an environment variable or CGI form data directly.  

The latter happens to be the case here, however, the part that loads data from
CGI is a separate sub, and the writeToDatabase function is callable even on
series objects that aren't created from CGI, thus the detaint() doesn't belong
here (that goes for the one on 'query' as well).

The detaints should all be happening in the initFromCGI sub before the object
is returned.
Attachment #150931 - Flags: review? → review-
Attached patch detaint series insert v2 (obsolete)
moves trick_taint in Series.pm into initFromCGI, which is the logical location,
but doesn't fix this bug, as initFromParameters is actually used.

editcomponents now has a shiny new trick_taint
Attachment #150931 - Attachment is obsolete: true
Attachment #152096 - Flags: review?(justdave)
Comment on attachment 152096
detaint series insert v2

>+++ editcomponents.cgi
>@@ -466,6 +466,7 @@
>     push(@series, [$::FORM{'closed_name'}, $resolved . $prodcomp]);
> 
>     foreach my $sdata (@series) {
>+        trick_taint($sdata->[0]);
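
Review bot: the trick_taint($sdata->[0]) inside the foreach clears the taint flag on the first element of every @series entry, with no validation and no comment saying why that is safe, and it does so away from the one place in this hunk where a tainted value is visibly introduced ($::FORM{'closed_name'} in the push above). Detaint the form value where it is read, before it goes into @series, and put a comment next to the call stating the condition that makes it safe, for example that the name only ever reaches the database as a quoted value and is never used as a command or raw SQL.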

ehh....   how about if we stuff $::FORM{'closed_name'} into a local variable
and detaint it there before pushing it into @series?  That'll make the logic a
little cleaner, since we won't be wondering why stuff in @series is suddenly
tainted.  It's obvious why $::FORM stuff would be tainted at that point.

To satisfy the anal security folks, we should also add a comment next to the
trick_taint() which explains why we think it's safe to use trick_taint() on it.
(i.e. it's never used as a command or raw SQL)

Also, how about if we move the other detaint from writeToDatabase while we're
looking at it, so we don't forget.

Sorry to be so anal about it, but them's the breaks when we're dealing with the
taint stuff ;) We're close :)
Attachment #152096 - Flags: review?(justdave) → review-
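
The pattern asked for in the two review comments above (detaint once, where the form value is read, and keep the database-writing code free of detaints), as an added example that is not Bugzilla code. `series_name_from_form`, `write_to_database`, the sample form value and the name pattern are all assumptions made for illustration.

```perl
#!/usr/bin/perl -T
# Added illustration, not Bugzilla code. Run as: perl -T example.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed input. Under -T, $^X is tainted, and a zero-length tainted
# string taints anything it is appended to. This stands in for CGI form data.
my $TAINT = substr($^X, 0, 0);
my %form  = (closed_name => 'All Closed' . $TAINT);

# Boundary (hypothetical helper): the only place that handles raw form data.
# A regex capture is untainted, so the value is checked and detainted in one
# step. The allowed-character policy is an assumption for this example.
sub series_name_from_form {
    my ($raw) = @_;
    my ($name) = $raw =~ /\A([\w .-]{1,64})\z/
        or die "invalid series name\n";
    return $name;
}

# Sink (hypothetical stand-in for the database write that raised the error in
# this report): it refuses tainted arguments and contains no detaint of its
# own, so it behaves the same for callers that never touch CGI data.
sub write_to_database {
    my ($name) = @_;
    die "Insecure dependency: tainted series name\n" if tainted($name);
    return "stored: $name";
}

my $raw = $form{closed_name};
printf "form value tainted: %s\n", tainted($raw) ? 'yes' : 'no';

# Handing the raw value straight to the sink fails, as in the report.
my $ok = eval { write_to_database($raw); 1 };
printf "write of raw value: %s\n", $ok ? 'accepted' : 'rejected';

# Validated once at the boundary, the value passes everywhere downstream.
my $name = series_name_from_form($raw);
printf "after boundary check tainted: %s\n", tainted($name) ? 'yes' : 'no';
print write_to_database($name), "\n";
```

Unlike a blanket detaint, the capture here only lets through names that match the stated policy, so the comment next to the detaint and the check it describes cannot drift apart.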
Attachment #152096 - Attachment is obsolete: true
Attachment #152420 - Flags: review?(justdave)
Comment on attachment 152420
detaint series insert v3

clearing review request.  was thinking about this on the bus and i want to do
some more testing.
Attachment #152420 - Flags: review?(justdave)
Comment on attachment 152420
detaint series insert v3

r=joel
Attachment #152420 - Flags: review+
Flags: approval?
Flags: approval? → approval+
Checked in by timeless:

Bug 242405 Turning on QA contact causes taint error in Bugzilla/Series.pm when
adding a component

patch by bugzilla@glob.com.au r=joel a=justdave

2004-07-08 20:33	timeless%mozdev.org 	mozilla/ webtools/ bugzilla/ Bugzilla/
Series.pm 	1.5 	0/1
2004-07-08 20:33	timeless%mozdev.org 	mozilla/ webtools/ bugzilla/
editcomponents.cgi 	1.41 	14/5
Status: ASSIGNED → RESOLVED
Closed: 19 years ago
Resolution: --- → FIXED
QA Contact: matty_is_a_geek → default-qa