Closed Bug 940022 Opened 11 years ago Closed 11 years ago

range_value on report list is not validated for sanity

Categories

(Socorro :: Webapp, task)

Product:
Socorro
Component:
Webapp
Type:
task
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: peterbe, Assigned: peterbe)

References

(
URL
)

Details

(Whiteboard: [qa+])

Attachments

(2 files)

Github PR
44 bytes, text/x-github-pull-request
Details | Review
Post-fix screenshot, on staging
332.08 KB, image/png
Details
If the range_value is something enormous it will erroneously try to make a start_date based on it and that should be capped to 30 days anyways.
Assignee: nobody → peterbe
Status: NEW → ASSIGNED
Attached file Github PR
Commit pushed to master at https://github.com/mozilla/socorro https://github.com/mozilla/socorro/commit/b0303f0182680aefdfa5b19a5fe8b34e71b15214 fixes bug 940022 - range_value on report list is not validated for sanity, r=adrian
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → 69
Is this [qa-] or [qa+], and if the latter, what are the steps? Thanks!
Steps to reproduce: Go to https://crash-stats.allizom.org/report/list?product=Firefox&query_search=signature&query_type=contains&reason_type=contains&date=2013-11-17&range_value=80000&range_unit=days&hang_type=any&process_type=any&signature=nsTHashtable%3CgfxFont%3A%3ACacheHashEntry%3E%3A%3As_ClearEntry(PLDHashTable*%2C+PLDHashEntryHdr*) (note the `range_value=8000` in the URL) Loading that should kick you out with a 400 error. (note2: I constructed the URL above from the sentry report but swapped it to the stage domain. If it doesn't work, find another such URL and make the range_value massive)
Whiteboard: qa+
OS: Mac OS X → All
Hardware: x86 → All
Whiteboard: qa+ → [qa+]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: