You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The application crashes when max weight modified in the profile.txt is invalid (eg. 99999999999999999999999999 or hello) due to lack of file input validation. As one of the requirements for tp is to allow users to edit data in the data file, it is crucial for developer to implement input validation and sanitisation for the data loaded from file or at least handle it in such a way that the application will not crash.
Steps to reproduce
Run the application.
Edit the current profile using the editprofile command.
Exit the program.
Edit the last field of the data/profile.txt into 99999999999999999999999999 and save it.
Run the application.
You will see an error as shown in the actual section below being thrown and the application crashed.
Expected
Display an error message to user to inform them that the value is out of range and prompt them to enter the correct value.
Actual
The text was updated successfully, but these errors were encountered:
Thanks for the feedback! However, users are able to edit the contents of the data file via the application interface for certain tasks like altering deliveryman particulars and changing completion status of deliveries. The UG has warned against altering .txt files directly.
Items for the Tester to Verify
❓ Issue response
Team chose [response.NotInScope]
I disagree
Reason for disagreement: I do agree with the developer team that the UG has warned against altering of .txt files directly and hence, the medium severity instead of the high. Even though it is stated in UG that it may cause problems to the application, the team should still handle the error such that the program will not crash and show suitable error message to the user.
The application crashes when max weight modified in the profile.txt is invalid (eg. 99999999999999999999999999 or hello) due to lack of file input validation. As one of the requirements for tp is to allow users to edit data in the data file, it is crucial for developer to implement input validation and sanitisation for the data loaded from file or at least handle it in such a way that the application will not crash.
Steps to reproduce
Expected
Actual
The text was updated successfully, but these errors were encountered: