Extra long article link crashes the DB #682
Comments
|
It seems like when someone manipulates the URL to add a quite long value, and we are saving that search as cache (writing in disk) I opened an issue in the saveAs extension method which should take care of this |
|
We could use 255 as the max file path (this value should work for Windows, Mac, Linux) |
… GraphDb (i.e if the attacker send the long request to the graphDB without using TM as an intermediary).
|
With Pull Request #689 |
|
@michaelhidalgo this is one of those bugs that you need to start with the 3 tests that replicate it (on TM_QA, TM_Design and TM_GraphDB) |
Note that this is not the best way to solve that issue since we still have TeamMentor/TM_4_0_Design#697
|
I think this issue can be closed. |
|
Assigning it to @roman87 to confirm. |
|
So what is the status of this? Is this fixed? |
|
yes, it is fixed |
|
Yes it is fixed! El lunes, 11 de mayo de 2015, Dinis Cruz [email protected]
Sent from Gmail Mobile |
|
Can't duplicate this anymore. Fixed |
http://localhost:1337/article/blahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblah
will cause the crash
Here is one TM article that might help:
https://beta.teammentor.net/article/287691cd9ed3/Input-Is-Validated-for-Length,-Range,-Format-And-Type
2015-04-08T21:32:55.183Z - info: method=GET, url=/data/article/blahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblah
fs.js:438
return binding.open(pathModule._makeLong(path), stringToFlags(flags), mode);
^
Error: ENAMETOOLONG, name too long '/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/.tmCache/data_cache/article_blahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblahblah.json'
at Object.fs.openSync (fs.js:438:18)
at Object.fs.writeFileSync (fs.js:977:15)
at String.save_As (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/node_modules/fluentnode/src/node-native/fs.litcoffee:239:42)
at CacheService.put (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/node_modules/teammentor/src/services/Cache-Service.coffee:42:43)
at CacheService.put (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/node_modules/teammentor/src/services/Cache-Service.coffee:1:1)
at Data_API.Swagger_GraphDB.save_To_Cache (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/src/api/base-classes/Swagger-GraphDB.coffee:41:17)
at Data_API.save_To_Cache (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/src/api/base-classes/Swagger-GraphDB.coffee:1:1)
at Data_API.Swagger_GraphDB.close_Import_Service_and_Send (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/src/api/base-classes/Swagger-GraphDB.coffee:18:7)
at Data_API.close_Import_Service_and_Send (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/src/api/base-classes/Swagger-GraphDB.coffee:1:1)
at /home/rom/Dev/TeamMentor/TM_4_0_GraphDB/src/api/Data-API.coffee:18:10
at /home/rom/Dev/TeamMentor/TM_4_0_GraphDB/src/services/graph/Graph-Find.coffee:92:13
at /home/rom/Dev/TeamMentor/TM_4_0_GraphDB/src/services/graph/Graph-Find.coffee:86:11
at /home/rom/Dev/TeamMentor/TM_4_0_GraphDB/src/services/graph/Graph-Find.coffee:128:28
at CallbackStream. (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/node_modules/levelgraph/node_modules/callback-stream/index.js:23:5)
at CallbackStream.emit (events.js:117:20)
at finishMaybe (_stream_writable.js:359:12)
at endWritable (_stream_writable.js:366:3)
at CallbackStream.Writable.end (_stream_writable.js:344:5)
at PassThrough.onend (/home/rom/Dev/TeamMentor/TM_4_0_GraphDB/node_modules/levelgraph/node_modules/readable-stream/lib/_stream_readable.js:523:10)
at PassThrough.g (events.js:180:16)
at PassThrough.emit (events.js:117:20)
at /home/rom/Dev/TeamMentor/TM_4_0_GraphDB/node_modules/levelgraph/node_modules/readable-stream/lib/_stream_readable.js:965:16
at process._tickCallback (node.js:419:13)
npm ERR! [email protected] start:
node index.jsnpm ERR! Exit status 8
npm ERR!
npm ERR! Failed at the [email protected] start script.
npm ERR! This is most likely a problem with the TM_4_0_GraphDB package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR! node index.js
npm ERR! You can get their info via:
npm ERR! npm owner ls TM_4_0_GraphDB
npm ERR! There is likely additional logging output above.
npm ERR! System Linux 3.16-0.bpo.2-amd64
npm ERR! command "/usr/local/bin/node" "/usr/local/bin/npm" "start"
npm ERR! cwd /home/rom/Dev/TeamMentor/TM_4_0_GraphDB
npm ERR! node -v v0.10.33
npm ERR! npm -v 1.4.28
npm ERR! code ELIFECYCLE
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR! /home/rom/Dev/TeamMentor/TM_4_0_GraphDB/npm-debug.log
npm ERR! not ok code 0
The text was updated successfully, but these errors were encountered: