Project

General

Profile

Actions
Copy link

Bug #7584

closed

Filters allow illegal values and fail with 500 internal server error

Added by Rajmund Hruška over 2 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Rajmund Hruška
Category:
Development - GUI
Target version:
2.9.1
Start date:
05/10/2022
Due date:
% Done:

100%

Estimated time:
To be discussed:
No

Description

When creating an advanced filter, it is possible to submit a rule which is not valid, e. g. Target.IP4 IN ["a"]. Such filters are successfully saved but when show view is accessed, the 500 internal server error is shown.

Related issues

Related to Mentat - Bug #7571: XSS at stored filtersClosedRajmund Hruška03/22/2022

Actions
Actions
Copy link
 #1

Updated by Rajmund Hruška over 2 years ago

  • Related to Bug #7571: XSS at stored filters added
Actions
Copy link
 #2

Updated by Rajmund Hruška over 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

So, the rules were only parsed but they were never compiled. I don't know if that was intentional, but I tried validating the rule by compiling it with IDEAFilterCompiler.

Actions
Copy link
 #3

Updated by Rajmund Hruška over 2 years ago

  • Status changed from Resolved to In Review

Merged into devel and deployed on mentat-alt.

Actions
Copy link
 #4

Updated by Pavel Kácha over 2 years ago

  • Target version changed from 2.10 to 2.9.1
Actions
Copy link
 #5

Updated by Pavel Kácha over 2 years ago

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: Atom PDF