Project

General

Profile

Actions

Bug #7584

closed

Filters allow illegal values and fail with 500 internal server error

Added by Rajmund Hruška almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Category:
Development - GUI
Target version:
Start date:
05/10/2022
Due date:
% Done:

100%

Estimated time:
To be discussed:
No

Description

When creating an advanced filter, it is possible to submit a rule which is not valid, e. g. Target.IP4 IN ["a"]. Such filters are successfully saved but when show view is accessed, the 500 internal server error is shown.


Related issues

Related to Mentat - Bug #7571: XSS at stored filtersClosedRajmund Hruška03/22/2022

Actions
Actions #1

Updated by Rajmund Hruška almost 2 years ago

  • Related to Bug #7571: XSS at stored filters added
Actions #2

Updated by Rajmund Hruška almost 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

So, the rules were only parsed but they were never compiled. I don't know if that was intentional, but I tried validating the rule by compiling it with IDEAFilterCompiler.

Actions #3

Updated by Rajmund Hruška almost 2 years ago

  • Status changed from Resolved to In Review

Merged into devel and deployed on mentat-alt.

Actions #4

Updated by Pavel Kácha almost 2 years ago

  • Target version changed from 2.10 to 2.9.1
Actions #5

Updated by Pavel Kácha almost 2 years ago

  • Status changed from In Review to Closed
Actions

Also available in: Atom PDF