-
-
Notifications
You must be signed in to change notification settings - Fork 218
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Insufficient sanitation of inputs on property pages #2854
Comments
- SMW version: 2.5.2
This version is outdated and it is expected that #2481 (reported by
#2479) has addressed this issue.
For other details and changes, please refer to [0].
[0] 2.5.2...2.5.x
…On 12/8/17, Alex Winkler ***@***.***> wrote:
### Setup and configuration
- SMW version: 2.5.2
- MW version: 1.28.3
- PHP version: 5.6.30-0+deb8u1 (fpm-fcgi)
- DB system (MySQL, Blazegraph, etc.) and version:
10.2.9-MariaDB-10.2.9+maria~stretch
### Issue
Insufficient sanitation of inputs on property pages (and possible other
places)
On the URL
http://wiki.teamliquid.net/dota2/index.php?title=Property:Has_position&limit=500&value=&from=&until=&offset=10102121121121212.1
I get a runtime exception due to a database error:
Error: 1064 You have an error in your SQL syntax; check the manual that
corresponds to your MariaDB server version for the right syntax to use near
'10102121121121212.1,500' at line 1
Clearly this number "10102121121121212.1" shouldn't go into the query
directly as it is not an integer, whilst SQL offset has to be an integer.
### Stack trace
```
#0 /path/to/wiki/includes/libs/rdbms/database/Database.php(912):
Database->reportQueryError('You have an err...', 1064, 'SELECT DISTINC...',
'SMWSQLStore3Rea...', false)
#1 /path/to/wiki/includes/libs/rdbms/database/Database.php(1254):
Database->query('SELECT DISTINC...', 'SMWSQLStore3Rea...')
#2
/path/to/wiki/extensions/SemanticMediaWiki/src/MediaWiki/Database.php(224):
Database->select('`wikidota_smw_o...', 'DISTINCT smw_ti...',
't1.p_id='144984...', 'SMWSQLStore3Rea...', Array, Array)
#3
/path/to/wiki/extensions/SemanticMediaWiki/includes/storage/SQLStore/SMW_SQLStore3_Readers.php(504):
SMW\MediaWiki\Database->select('`wikidota_smw_o...', 'DISTINCT smw_ti...',
't1.p_id='144984...', 'SMWSQLStore3Rea...', Array)
#4
/path/to/wiki/extensions/SemanticMediaWiki/includes/storage/SQLStore/SMW_SQLStore3_Readers.php(592):
SMWSQLStore3Readers->getPropertySubjects(Object(SMW\DIProperty), NULL,
Object(SMW\RequestOptions))
#5
/path/to/wiki/extensions/SemanticMediaWiki/src/SQLStore/EntityStore/DirectEntityLookup.php(86):
SMWSQLStore3Readers->getAllPropertySubjects(Object(SMW\DIProperty),
Object(SMW\RequestOptions))
#6
/path/to/wiki/extensions/SemanticMediaWiki/includes/storage/SQLStore/SMW_SQLStore3.php(225):
SMW\SQLStore\EntityStore\DirectEntityLookup->getAllPropertySubjects(Object(SMW\DIProperty),
Object(SMW\RequestOptions))
#7
/path/to/wiki/extensions/SemanticMediaWiki/includes/articlepages/SMW_PropertyPage.php(246):
SMWSQLStore3->getAllPropertySubjects(Object(SMW\DIProperty),
Object(SMW\RequestOptions))
#8
/path/to/wiki/extensions/SemanticMediaWiki/includes/articlepages/SMW_PropertyPage.php(80):
SMWPropertyPage->getPropertyValueList()
#9
/path/to/wiki/extensions/SemanticMediaWiki/includes/articlepages/SMW_OrderedListPage.php(186):
SMWPropertyPage->getHtml()
#10
/path/to/wiki/extensions/SemanticMediaWiki/includes/articlepages/SMW_OrderedListPage.php(94):
SMWOrderedListPage->showList()
#11 /path/to/wiki/includes/actions/ViewAction.php(71):
SMWOrderedListPage->view()
#12 /path/to/wiki/includes/MediaWiki.php(495): ViewAction->show()
#13 /path/to/wiki/includes/MediaWiki.php(289):
MediaWiki->performAction(Object(SMWPropertyPage), Object(Title))
#14 /path/to/wiki/includes/MediaWiki.php(851): MediaWiki->performRequest()
#15 /path/to/wiki/includes/MediaWiki.php(512): MediaWiki->main()
#16 /path/to/wiki/index.php(43): MediaWiki->run()
#17 {main}
```
### Steps to reproduce
The error can be seen just by going to the page i linked above (stacktrace
not publicly visible).
PS: The default fill for new issues here has a typo:
"Note that it is required to provide the setup and **configruation**
information."
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
#2854
|
Oh in this case I'm sorry, I didn't see that one. |
kghbln
added
bug
Occurrence of an unintended or unanticipated behaviour that causes a vulnerability or fatal error
invalid
not related to SMW
labels
Dec 7, 2017
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Setup and configuration
Issue
Insufficient sanitation of inputs on property pages (and possible other places)
On the URL http://wiki.teamliquid.net/dota2/index.php?title=Property:Has_position&limit=500&value=&from=&until=&offset=10102121121121212.1 I get a runtime exception due to a database error:
Error: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '10102121121121212.1,500' at line 1
Clearly this number "10102121121121212.1" shouldn't go into the query directly as it is not an integer, whilst SQL offset has to be an integer.
Stack trace
Steps to reproduce
The error can be seen just by going to the page i linked above (stacktrace not publicly visible).
PS: The default fill for new issues here has a typo:
"Note that it is required to provide the setup and configruation information."
The text was updated successfully, but these errors were encountered: