Project

General

Profile

Actions

Bug #15307

closed

Foreman API: GETing /api/hosts with per_page=-1 triggers database error

Added by Pieter Hollants over 8 years ago. Updated about 6 years ago.

Status:
Feedback
Priority:
Normal
Assignee:
-
Category:
API
Target version:
-
Difficulty:
trivial
Triaged:
No
Fixed in Releases:
Found in Releases:

Description

Sending a GET request to "/api/hosts" with "per_page: -1" on a Foreman 1.10.3 server:

2016-06-06 15:28:26 ForemanErrorHandler ():742 CRITICAL: HTTP error "500 Internal Server Error" while GETing https://foreman.edst.ebaintern.de:443/api/hosts?per_page=-1!
2016-06-06 15:28:26 ForemanErrorHandler ():767 CRITICAL: Error returned: Mysql2::Error: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '-1 OFFSET 0' at line 1: SELECT `hosts`.* FROM `hosts` WHERE `hosts`.`type` IN ('Host::Managed') ORDER BY `hosts`.`name` ASC LIMIT -1 OFFSET 0

"per_page" is apparantly not getting validated to be non-negative when it should be.

Actions

Also available in: Atom PDF