Project

General

Profile

Bug #15307

Foreman API: GETing /api/hosts with per_page=-1 triggers database error

Added by Pieter Hollants almost 4 years ago. Updated over 1 year ago.

Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
API
Target version:
-
Difficulty:
trivial
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

Sending a GET request to "/api/hosts" with "per_page: -1" on a Foreman 1.10.3 server:

2016-06-06 15:28:26 ForemanErrorHandler ():742 CRITICAL: HTTP error "500 Internal Server Error" while GETing https://foreman.edst.ebaintern.de:443/api/hosts?per_page=-1!
2016-06-06 15:28:26 ForemanErrorHandler ():767 CRITICAL: Error returned: Mysql2::Error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '-1 OFFSET 0' at line 1: SELECT `hosts`.* FROM `hosts` WHERE `hosts`.`type` IN ('Host::Managed') ORDER BY `hosts`.`name` ASC LIMIT -1 OFFSET 0

"per_page" is apparantly not getting validated to be non-negative when it should be.

History

#1 Updated by Pieter Hollants almost 4 years ago

I guess a fix for this belongs upstream in the will_paginate rubygem at https://github.com/mislav/will_paginate. Unfortunately its author appears to be a bit overloaded (81 issues, 39 PRs, some of them two years old and trivial (ie. localization)) :/

#2 Updated by Tomer Brisker almost 4 years ago

I'll try getting this patched in the will_paginate gem.
In any case this is just negative ints that cause the bad query, any other input is striped so no SQLi here.

#3 Updated by Tomer Brisker almost 4 years ago

  • Status changed from New to Assigned
  • Assignee set to Tomer Brisker

#4 Updated by Michael Moll almost 3 years ago

Tomer, did this get fixed?

#5 Updated by Tomer Brisker almost 3 years ago

  • Status changed from Assigned to New
  • Assignee deleted (Tomer Brisker)

I never got around to this, setting back to new.

#6 Updated by boaz shust over 1 year ago

Can't reproduce it on 1.20.0-develop.
Seems to be fixed.

#7 Updated by Marek Hulán over 1 year ago

  • Status changed from New to Feedback

Thanks for testing, closing. Please reopen or let us kniw in case it's still reproducible.

Also available in: Atom PDF