Bug #13624
closedentering fulltext in filter report field can lead to database crash
Description
select report "all hosts". Enter a full text name without "host=" in filter control.
Can lead to postgres database crash!!!
The generated query by foreman
SELECT DISTINCT "reports".id, "reports"."reported_at" AS alias_0 FROM "reports" LEFT OUTER JOIN "hosts" ON "hosts"."id" = "reports"."host_id" AND "hosts"."type" IN ('Host::Managed') LEFT OUTER JOIN "hosts" "hosts_reports_join" ON "hosts_reports_join"."id" = "reports"."host_id" AND "hosts_reports_join"."type" IN ('Host::Managed') LEFT OUTER JOIN "environments" ON "environments"."id" = "hosts_reports_join"."environment_id" LEFT OUTER JOIN "logs" ON "logs"."report_id" = "reports"."id" LEFT OUTER JOIN "messages" ON "messages"."id" = "logs"."message_id" LEFT OUTER JOIN "logs" "logs_reports_join" ON "logs_reports_join"."report_id" = "reports"."id" LEFT OUTER JOIN "sources" ON "sources"."id" = "logs_reports_join"."source_id" LEFT OUTER JOIN "hosts" "hosts_reports_join_2" ON "hosts_reports_join_2"."id" = "reports"."host_id" AND "hosts_reports_join_2"."type" IN ('Host::Managed') LEFT OUTER JOIN "hostgroups" ON "hostgroups"."id" = "hosts_reports_join_2"."hostgroup_id" WHERE (("hosts"."name"
ILIKE '%vmname%' OR "environments"."name" ILIKE '%vmname%' OR "messages"."value" ILIKE '%vmname%' OR "sources"."value" ILIKE '%vmname%' OR "hostgroups"."name" ILIKE '%vmname%' OR "hostgroups"."title" ILIKE '%vmname%' OR "hostgroups"."title" ILIKE '%vmname%')) ORDER BY "reports"."reported_at" DESC LIMIT 150 OFFSET 0
Updated by Dominic Cleal over 8 years ago
- Is duplicate of Bug #2778: Search in /reports without keyword make request never end on mysql added
Updated by Dominic Cleal over 8 years ago
- Priority changed from Immediate to Normal
Thanks for the report, this is tracked as issue #2778.
Updated by Christian Klinger over 8 years ago
When will it be fixed ? It leads to an serious impact.
Updated by Dominic Cleal over 8 years ago
I don't know, we don't have a plan or schedule for bug fixes. If you'd like to contribute a fix, please see http://theforeman.org/contribute.html.