Closed Bug 600377 Opened 14 years ago Closed 7 years ago

dm-sheriff DOS Date parsing error

Categories

(Webtools Graveyard :: Sheriff Calendar, defect)

Type: defect
Priority: Not set
Severity: critical

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: dchanm+bugzilla, Unassigned)

Details

(Whiteboard: [infrasec:input])

The dm-sheriff site crashes when invalid date values are passed in the URL. An ArgumentError is thrown and a RoR error page displayed.

STR
1. Visit https://dm-sheriff01.mozilla.org/?today="&from="&to="
2. You will get an error page

Code
http://github.com/kourge/sheriff/blob/master/app.rb#L23

Date.parse() is called on user-supplied data in lines 23/24. The resulting exception is not caught, resulting in application crash.


Suggested fix
Catch the ArgumentError exception and log that malicious input was encountered
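
One way to apply the suggested fix, as an added example that is not part of the original report or the sheriff code base: validate the date parameters strictly, rescue the parse failure, log the rejected value and fall back to a default. The helper names, the logger and the YYYY-MM-DD format are assumptions; the page does not state which format the application expects.

```ruby
require 'date'
require 'logger'

# Hypothetical helper, not from the sheriff code base. Assumes the calendar
# expects dates as YYYY-MM-DD; the page does not state the real format.
ISO_DATE = /\A\d{4}-\d{2}-\d{2}\z/
LOG = Logger.new($stderr)

# Returns a Date for a well-formed value, otherwise logs and returns default.
def parse_date_param(name, value, default)
  return default if value.nil?                # parameter absent: not an error
  # Rack turns "today[]=x" into an Array and "today[a]=x" into a Hash,
  # so a non-String value must be rejected before any string method runs.
  unless value.is_a?(String) && value.match?(ISO_DATE)
    # inspect escapes control characters; truncate to keep log lines bounded.
    LOG.warn("rejected #{name}=#{value.inspect[0, 64]}")
    return default
  end
  Date.strptime(value, '%Y-%m-%d')            # strict: no free-form guessing
rescue ArgumentError                          # also covers Date::Error, e.g. 2010-02-30
  LOG.warn("rejected #{name}=#{value.inspect}")
  default
end

# Resolves the three query parameters named in the STR above.
# `params` is a constructed stand-in for the framework's params hash.
def resolve_range(params, today = Date.today)
  {
    today: parse_date_param('today', params['today'], today),
    from:  parse_date_param('from',  params['from'],  today),
    to:    parse_date_param('to',    params['to'],    today)
  }
end
```

Whether a rejected value should fall back to a default, as here, or produce a 400 response is a design choice for the handler; either way the exception no longer reaches the framework's error page.
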
The server appears to go down while testing and comes back up eventually. During this time, my session is invalid and I can't log back in.

Does the application automatically restart after a given amount of time?
The application appears to have crashed after inputting a negative value on the preferences page for 'Email me about my upcoming sheriff duties X days in advance'.
Group: websites-security
Component: Webdev → Sheriff
Product: mozilla.org → Webtools
Component: Sheriff → Sheriff Calendar
Product: Webtools → Webtools Graveyard
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX