Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Illegal hex characters in escape (%) pattern - error at index 0 in: R6 #38966

Closed
paoliniluis opened this issue Feb 20, 2024 · 3 comments · Fixed by #41553
Closed

Illegal hex characters in escape (%) pattern - error at index 0 in: R6 #38966

paoliniluis opened this issue Feb 20, 2024 · 3 comments · Fixed by #41553
Assignees
@lbrdnk
Labels
Database/Mongo Priority:P1 Security holes w/o exploit, crashing, setup/upgrade, login, broken common features, correctness .Regression Bugs that were previously fixed and/or bugs unintentionally shipped with new features. Type:Bug Product defects
Milestone
0.49.7

Comments

@paoliniluis
Copy link
Contributor

Describe the bug

Seems there's some escaping issue in the new mongo driver
image

To Reproduce

I don't know how to reproduce this, but popped up on a customer instance, but you can see the logs in the customer instance on the 20th of feb in our grafana instance

Expected behavior

Should connect?

Logs

2024-02-20 14:55:30.175	
2024-02-20 14:55:30,175 DEBUG middleware.log :: GET /api/embed/dashboard/XXX/dashcard/17/card/16 202 [ASYNC: completed] 44.0 ms (20 chamadas ao banco de dados) Conexões com o banco de dados: 2 / 15 Threads do Jetty: 3 / 50 (12 ocioso, 0 na fila) (137 total de threads ativas) Consultas ativas: 1 (0 na fila)

2024-02-20 14:55:30.175	

2024-02-20 14:55:30.175	
 :data {:rows [], :cols []}}
2024-02-20 14:55:30.175	
  :async? true},
2024-02-20 14:55:30.175	
   :order-by [[:asc [:field 4958 nil]]]},
2024-02-20 14:55:30.175	
       :name "CompanyId"}]]],
2024-02-20 14:55:30.175	
       :database_type "org.bson.types.ObjectId",
2024-02-20 14:55:30.175	
       :semantic_type :type/Category,
2024-02-20 14:55:30.175	
       :coercion_strategy nil,
2024-02-20 14:55:30.175	
       :effective_type :type/MongoBSONID,
2024-02-20 14:55:30.175	
      {:base_type :type/MongoBSONID,
2024-02-20 14:55:30.175	
      "588f2e77ba57d02cc837589d"
2024-02-20 14:55:30.175	
     [:value
2024-02-20 14:55:30.175	
     [:field 5007 nil]
2024-02-20 14:55:30.175	
    [:=
2024-02-20 14:55:30.175	
        :name "Status"}]]]
2024-02-20 14:55:30.175	
        :database_type "java.lang.Integer",
2024-02-20 14:55:30.175	
        :semantic_type :type/Category,
2024-02-20 14:55:30.175	
        :coercion_strategy nil,
2024-02-20 14:55:30.175	
        :effective_type :type/Integer,
2024-02-20 14:55:30.175	
       {:base_type :type/Integer,
2024-02-20 14:55:30.175	
       1
2024-02-20 14:55:30.175	
      [:value
2024-02-20 14:55:30.175	
      [:field 4958 nil]
2024-02-20 14:55:30.174	
     [:=
2024-02-20 14:55:30.174	
        :name "Status"}]]
2024-02-20 14:55:30.174	
        :database_type "java.lang.Integer",
2024-02-20 14:55:30.174	
        :semantic_type :type/Category,
2024-02-20 14:55:30.174	
        :coercion_strategy nil,
2024-02-20 14:55:30.174	
        :effective_type :type/Integer,
2024-02-20 14:55:30.174	
       {:base_type :type/Integer,
2024-02-20 14:55:30.174	
       7
2024-02-20 14:55:30.174	
      [:value
2024-02-20 14:55:30.174	
      [:field 4958 nil]
2024-02-20 14:55:30.174	
     [:=
2024-02-20 14:55:30.174	
        :name "Status"}]]
2024-02-20 14:55:30.174	
        :database_type "java.lang.Integer",
2024-02-20 14:55:30.174	
        :semantic_type :type/Category,
2024-02-20 14:55:30.174	
        :coercion_strategy nil,
2024-02-20 14:55:30.174	
        :effective_type :type/Integer,
2024-02-20 14:55:30.174	
       {:base_type :type/Integer,
2024-02-20 14:55:30.174	
       9
2024-02-20 14:55:30.174	
      [:value
2024-02-20 14:55:30.174	
      [:field 4958 nil]
2024-02-20 14:55:30.174	
     [:=
2024-02-20 14:55:30.174	
        :name "Status"}]]
2024-02-20 14:55:30.174	
        :database_type "java.lang.Integer",
2024-02-20 14:55:30.174	
        :semantic_type :type/Category,
2024-02-20 14:55:30.174	
        :coercion_strategy nil,
2024-02-20 14:55:30.174	
        :effective_type :type/Integer,
2024-02-20 14:55:30.174	
       {:base_type :type/Integer,
2024-02-20 14:55:30.174	
       0
2024-02-20 14:55:30.174	
      [:value
2024-02-20 14:55:30.174	
      [:field 4958 nil]
2024-02-20 14:55:30.174	
     [:=
2024-02-20 14:55:30.174	
    [:or
2024-02-20 14:55:30.174	
   [:and
2024-02-20 14:55:30.174	
   :filter
2024-02-20 14:55:30.174	
   :breakout [[:field 4958 nil]],
2024-02-20 14:55:30.174	
   :aggregation [[:aggregation-options [:count] {:name "count"}]],
2024-02-20 14:55:30.174	
  {:source-table 72,
2024-02-20 14:55:30.174	
  :query
2024-02-20 14:55:30.174	
  :database 2,
2024-02-20 14:55:30.174	
    :pie.percent-visibility "inside"}},
2024-02-20 14:55:30.174	
    :series-settings {:count {:display "bar"}},
2024-02-20 14:55:30.174	
    :graph.show-values true,
2024-02-20 14:55:30.174	
    :graph.y-axis.labels-enabled false,
2024-02-20 14:55:30.174	
    :pie.show-legend true,
2024-02-20 14:55:30.174	
    :graph.show-goal false,
2024-02-20 14:55:30.174	
    :pie.slice-threshold 2.5,
2024-02-20 14:55:30.174	
    :graph.x-axis.labels-enabled true,
2024-02-20 14:55:30.174	
   {:graph.y-axis.auto-range true,
2024-02-20 14:55:30.174	
   :visualization-settings
2024-02-20 14:55:30.174	
   :dashboard-id 2,
2024-02-20 14:55:30.174	
   :card-name "Total em andamento",
2024-02-20 14:55:30.174	
   :card-id 16,
2024-02-20 14:55:30.174	
  {:context :embedded-dashboard,
2024-02-20 14:55:30.174	
  :info
2024-02-20 14:55:30.174	
   :graph.y_axis.auto_range true},
2024-02-20 14:55:30.174	
   :series_settings {:count {:display "bar", :axis nil}},
2024-02-20 14:55:30.174	
   :pie.show_legend true,
2024-02-20 14:55:30.174	
   :card.title "Em Andamento",
2024-02-20 14:55:30.174	
   :graph.y_axis.labels_enabled false,
2024-02-20 14:55:30.174	
   :graph.x_axis.labels_enabled true,
2024-02-20 14:55:30.174	
   :pie.percent_visibility "inside",
2024-02-20 14:55:30.174	
   :pie.slice_threshold 2.5,
2024-02-20 14:55:30.174	
   :graph.show_values true,
2024-02-20 14:55:30.174	
  {:graph.show_goal false,
2024-02-20 14:55:30.174	
  :viz-settings
2024-02-20 14:55:30.174	
  :middleware {:js-int-to-string? true, :ignore-cached-results? false},
2024-02-20 14:55:30.174	
  :type :query,
2024-02-20 14:55:30.174	
 {:constraints {:max-results 10000, :max-results-bare-rows 2000},
2024-02-20 14:55:30.174	
 :preprocessed
2024-02-20 14:55:30.174	
 :running_time 0,
2024-02-20 14:55:30.174	
 :row_count 0,
2024-02-20 14:55:30.174	
 :error "URLDecoder: Illegal hex characters in escape (%) pattern - Error at index 0 in: \"R6\"",
2024-02-20 14:55:30.174	
 :context :embedded-dashboard,
2024-02-20 14:55:30.174	
 :card_id 16,
2024-02-20 14:55:30.174	
  "query_processor.reducible$async_qp$qp_STAR___60724$fn__60728.invoke(reducible.clj:131)"],
2024-02-20 14:55:30.174	
  "query_processor.reducible$async_qp$qp_STAR___60724$thunk__60726.invoke(reducible.clj:126)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.catch_exceptions$catch_exceptions$fn__71579.invoke(catch_exceptions.clj:171)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.process_userland_query$process_userland_query$fn__70989.invoke(process_userland_query.clj:156)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.constraints$mark_needs_default_userland_constraints$fn__69628.invoke(constraints.clj:102)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.enterprise$handle_audit_app_internal_queries_middleware$fn__70704.invoke(enterprise.clj:103)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.enterprise$fn__70693$handle_audit_app_internal_queries__70694$fn__70696.invoke(enterprise.clj:96)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.normalize_query$normalize$fn__71058.invoke(normalize_query.clj:38)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.resolve_database_and_driver$resolve_database$fn__70753.invoke(resolve_database_and_driver.clj:60)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.store$initialize_store$fn__65543.invoke(store.clj:13)"
2024-02-20 14:55:30.174	
  "query_processor.store$do_with_metadata_provider.invoke(store.clj:150)"
2024-02-20 14:55:30.174	
  "query_processor.store$do_with_metadata_provider.invokeStatic(store.clj:158)"
2024-02-20 14:55:30.174	
  "query_processor.store$do_with_metadata_provider.invoke(store.clj:150)"
2024-02-20 14:55:30.174	
  "query_processor.store$do_with_metadata_provider.invokeStatic(store.clj:169)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.store$initialize_store$fn__65543$fn__65544.invoke(store.clj:14)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.resolve_database_and_driver$resolve_driver_and_database_local_values$fn__70756.invoke(resolve_database_and_driver.clj:76)"
2024-02-20 14:55:30.174	
  "driver$do_with_driver.invoke(driver.clj:89)"
2024-02-20 14:55:30.174	
  "driver$do_with_driver.invokeStatic(driver.clj:94)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.resolve_database_and_driver$resolve_driver_and_database_local_values$fn__70756$fn__70760.invoke(resolve_database_and_driver.clj:77)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.fetch_source_query$resolve_card_id_source_tables$fn__65151.invoke(fetch_source_query.clj:303)"
2024-02-20 14:55:30.174	
  "query_processor$fn__71979$combined_pre_process__71980$combined_pre_process_STAR___71981.invoke(query_processor.clj:259)"
2024-02-20 14:55:30.174	
  "query_processor$fn__71979$combined_post_process__71984$combined_post_process_STAR___71985.invoke(query_processor.clj:262)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.mbql_to_native$mbql__GT_native$fn__69913.invoke(mbql_to_native.clj:24)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.enterprise$maybe_apply_column_level_perms_check_middleware$fn__70676.invoke(enterprise.clj:64)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.enterprise$check_download_permissions_middleware$fn__70666.invoke(enterprise.clj:51)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.permissions$check_query_permissions$fn__65054.invoke(permissions.clj:140)"
2024-02-20 14:55:30.174	
  "query_processor.middleware.cache$maybe_return_cached_results$maybe_return_cached_results_STAR___70845.invoke(cache.clj:229)"
2024-02-20 14:55:30.174	
  "query_processor.reducible$identity_qp.invoke(reducible.clj:36)"
2024-02-20 14:55:30.174	
  "query_processor.reducible$identity_qp.invokeStatic(reducible.clj:39)"
2024-02-20 14:55:30.174	
  "query_processor.context$runf.invoke(context.clj:40)"
2024-02-20 14:55:30.174	
  "query_processor.context$runf.invokeStatic(context.clj:46)"
2024-02-20 14:55:30.174	
  "query_processor.context.default$default_runf.invoke(default.clj:42)"
2024-02-20 14:55:30.174	
  "query_processor.context.default$default_runf.invokeStatic(default.clj:44)"
2024-02-20 14:55:30.174	
  "query_processor.context$executef.invoke(context.clj:49)"
2024-02-20 14:55:30.174	
  "query_processor.context$executef.invokeStatic(context.clj:60)"
2024-02-20 14:55:30.174	
  "driver.mongo$fn__126856.invoke(mongo.clj:296)"
2024-02-20 14:55:30.174	
  "driver.mongo$fn__126856.invokeStatic(mongo.clj:298)"
2024-02-20 14:55:30.174	
  "driver.mongo.connection$do_with_mongo_client.invoke(connection.clj:81)"
2024-02-20 14:55:30.174	
  "driver.mongo.connection$do_with_mongo_client.invokeStatic(connection.clj:85)"
2024-02-20 14:55:30.174	
  "util.ssh$do_with_ssh_tunnel.invoke(ssh.clj:151)"
2024-02-20 14:55:30.174	
  "util.ssh$do_with_ssh_tunnel.invokeStatic(ssh.clj:162)"
2024-02-20 14:55:30.174	
  "driver.mongo.connection$do_with_mongo_client$fn__123107.invoke(connection.clj:86)"
2024-02-20 14:55:30.174	
  "driver.mongo.connection$db_details__GT_mongo_client_settings.invoke(connection.clj:66)"
2024-02-20 14:55:30.174	
  "--> driver.mongo.connection$db_details__GT_mongo_client_settings.invokeStatic(connection.clj:72)"
2024-02-20 14:55:30.174	
  "com.mongodb.ConnectionString.<init>(ConnectionString.java:321)"
2024-02-20 14:55:30.174	
  "com.mongodb.ConnectionString.<init>(ConnectionString.java:387)"
2024-02-20 14:55:30.174	
  "com.mongodb.ConnectionString.urldecode(ConnectionString.java:1239)"
2024-02-20 14:55:30.174	
  "java.base/java.net.URLDecoder.decode(Unknown Source)"
2024-02-20 14:55:30.174	
 ["java.base/java.net.URLDecoder.decode(Unknown Source)"
2024-02-20 14:55:30.174	
 :stacktrace
2024-02-20 14:55:30.174	
 :class java.lang.IllegalArgumentException,
2024-02-20 14:55:30.174	
 :status :failed,
2024-02-20 14:55:30.174	
  :mbql? true},
2024-02-20 14:55:30.174	
  :collection "ServiceOrder",
2024-02-20 14:55:30.174	
   {"$project" {"_id" false, "Status" "$_id.Status", "count" true}}],
2024-02-20 14:55:30.174	
   {"$sort" {"_id" 1}}
2024-02-20 14:55:30.174	
   {"$group" {"_id" {"Status" "$Status"}, "count" {"$sum" 1}}}
2024-02-20 14:55:30.174	
      {"CompanyId" #object[org.bson.types.ObjectId 0x55887226 "588f2e77ba57d02cc837589d"]}]}}
2024-02-20 14:55:30.174	
     [{"$or" [{"Status" 0} {"Status" 9} {"Status" 7} {"Status" 1}]}
2024-02-20 14:55:30.174	
    {"$and"
2024-02-20 14:55:30.174	
  [{"$match"
2024-02-20 14:55:30.174	
  :query
2024-02-20 14:55:30.174	
 {:projections ["Status" "count"],
2024-02-20 14:55:30.174	
 :native
2024-02-20 14:55:30.174	
  :cache-ttl nil},
2024-02-20 14:55:30.174	
  :async? true,
2024-02-20 14:55:30.174	
  :parameters [],
2024-02-20 14:55:30.174	
   :filter [:and [:= [:field 4958 nil] 0 9 7 1] [:= [:field 5007 nil] "588f2e77ba57d02cc837589d"]]},
2024-02-20 14:55:30.174	
   :breakout [[:field 4958 nil]],
2024-02-20 14:55:30.174	
   :aggregation [[:count]],
2024-02-20 14:55:30.174	
  {:source-table 72,
2024-02-20 14:55:30.174	
  :query
2024-02-20 14:55:30.174	
  :database 2,
2024-02-20 14:55:30.174	
   :graph.y_axis.auto_range true},
2024-02-20 14:55:30.174	
   :series_settings {:count {:display "bar", :axis nil}},
2024-02-20 14:55:30.174	
   :pie.show_legend true,
2024-02-20 14:55:30.174	
   :card.title "Em Andamento",
2024-02-20 14:55:30.174	
   :graph.y_axis.labels_enabled false,
2024-02-20 14:55:30.174	
   :graph.x_axis.labels_enabled true,
2024-02-20 14:55:30.174	
   :pie.percent_visibility "inside",
2024-02-20 14:55:30.174	
   :pie.slice_threshold 2.5,
2024-02-20 14:55:30.174	
   :graph.show_values true,
2024-02-20 14:55:30.174	
  {:graph.show_goal false,
2024-02-20 14:55:30.174	
  :viz-settings
2024-02-20 14:55:30.174	
  :middleware {:js-int-to-string? true, :ignore-cached-results? false},
2024-02-20 14:55:30.174	
  :type :query,
2024-02-20 14:55:30.174	
 {:constraints {:max-results 10000, :max-results-bare-rows 2000},
2024-02-20 14:55:30.174	
 :json_query
2024-02-20 14:55:30.174	
 :action_id nil,
2024-02-20 14:55:30.174	
 :started_at #t "2024-02-20T14:55:30.148703Z[GMT]",
2024-02-20 14:55:30.174	
{:database_id 2,
2024-02-20 14:55:30.174	
2024-02-20 14:55:30,174 ERROR middleware.catch-exceptions :: Erro ao processar a consulta: URLDecoder: Illegal hex characters in escape (%) pattern - Error at index 0 in: "R6"

Information about your Metabase installation

v48.6

Severity

P1

Additional context

No response
@paoliniluis paoliniluis added Type:Bug Product defects Database/Mongo .Regression Bugs that were previously fixed and/or bugs unintentionally shipped with new features. labels Feb 20, 2024
@paoliniluis
Copy link
Contributor Author

tagging @lbrdnk

@vviers
Copy link

vviers commented Mar 6, 2024

Hello ! Any update on this ? :) this happened to one of our users as well

@vviers
Copy link

vviers commented Mar 6, 2024

Reverting to 0.48.4 solved the issue for us

@paoliniluis paoliniluis added the Priority:P1 Security holes w/o exploit, crashing, setup/upgrade, login, broken common features, correctness label Mar 18, 2024
@lbrdnk lbrdnk mentioned this issue Apr 17, 2024
Merged
@lbrdnk lbrdnk added this to the 0.49.7 milestone Apr 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lbrdnk lbrdnk

Labels
Database/Mongo Priority:P1 Security holes w/o exploit, crashing, setup/upgrade, login, broken common features, correctness .Regression Bugs that were previously fixed and/or bugs unintentionally shipped with new features. Type:Bug Product defects
Projects
None yet
Milestone
0.49.7
Development

Successfully merging a pull request may close this issue.

Remove db portion of mongo connection string metabase/metabase
3 participants
@paoliniluis @lbrdnk @vviers