997281 - New QuickSearch operators can short-circuit each other depending on which ones are tested first

Status: RESOLVED FIXED

(Bugzilla :: Query/Bug List, defect)

Description

[Frédéric Buclin]

When testing votes<=2 in the QuickSearch field, I get random results on each call:

1) most of the time, I get: There is a problem with your search: votes< is not a valid field name.
2) sometimes, I get: Votes: (is less than) =2
3) sometimes, I get: Votes: (is less than or equal to) 2

3) is the expected behavior. 1) and 2) indicate bad parsing.

The reason of this random behavior is that Perl 5.18 introduced real randomization when playing with hashes, see http://search.cpan.org/~rjbs/perl-5.18.0/pod/perldelta.pod#Hash_randomization

"Hash randomization

The seed used by Perl's hash function is now random. This means that the order which keys/values will be returned from functions like keys(), values(), and each() will differ from run to run.

This change was introduced to make Perl's hashes more robust to algorithmic complexity attacks, and also because we discovered that it exposes hash ordering dependency bugs and makes them easier to track down."

In Bugzilla::Search::Quicksearch::_handle_field_names(), testing the <, > or = operators before <=, >= or != short-circuits the latter, making Bugzilla to incorrectly parse strings and report them as invalid fields (or values). To work around this problem, longer operators should be tested first.

Comment 1

[Frédéric Buclin]

Attachment: patch, v1

Comment 2

[Frédéric Buclin]

To ssh://gitolite3@git.mozilla.org/bugzilla/bugzilla.git
   060fa90..23bad39  master -> master