Bug #7780
closed
Error when sending 0x00 characters
Start date: 09/13/2024
Due date:
% Done: 0%
Estimated time:
To be discussed: No
Description
Request: /auth_pwd/register?next=
User: flabcesnett1
Session: <SecureCookieSession {'_fresh': False, '_id': '4058e25ab9be32025ddba6baf8b519183b88b018ff4df203114a331029ff06b77652fcf481f01c986ac56a1b2a542a815613d498b60efce34fb6c81ed005c29b', '_user_id': '5', 'csrf_token': '50db1e6749f75614a3647cc29d37a062b7ac1348', 'identity.auth_type': None, 'identity.id': '5', 'locale': 'cs', 'timezone': 'Africa/Abidjan'}>
Traceback:
Traceback (most recent call last):
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 2529, in wsgi_app
response = self.full_dispatch_request()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1825, in full_dispatch_request
rv = self.handle_user_exception(e)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1823, in full_dispatch_request
rv = self.dispatch_request()
^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1799, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/views.py", line 107, in view
return current_app.ensure_sync(self.dispatch_request)(**kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/__init__.py", line 1714, in dispatch_request
if form.validate_on_submit():
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask_wtf/form.py", line 86, in validate_on_submit
return self.is_submitted() and self.validate(extra_validators=extra_validators)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/wtforms/form.py", line 329, in validate
return super().validate(extra)
^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/wtforms/fields/core.py", line 246, in validate
stop_validation = self._run_validation_chain(form, chain)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/wtforms/fields/core.py", line 266, in _run_validation_chain
validator(form, self)
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/forms.py", line 173, in check_unique_login
user = hawat.db.db_session().query(user_model).filter_by(login=field.data).first()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/orm/query.py", line 2728, in first
return self.limit(1)._iter().first() # type: ignore
^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/orm/query.py", line 2827, in _iter
result: Union[ScalarResult[_T], Result[_T]] = self.session.execute(
^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/orm/session.py", line 2362, in execute
return self._execute_internal(
^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/orm/session.py", line 2247, in _execute_internal
result: Result[Any] = compile_state_cls.orm_execute_statement(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/orm/context.py", line 293, in orm_execute_statement
result = conn.execute(
^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/engine/base.py", line 1418, in execute
return meth(
^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/sql/elements.py", line 515, in _execute_on_connection
return connection._execute_clauseelement(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/engine/base.py", line 1640, in _execute_clauseelement
ret = self._execute_context(
^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/engine/base.py", line 1846, in _execute_context
return self._exec_single_context(
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/engine/base.py", line 1986, in _exec_single_context
self._handle_dbapi_exception(
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/engine/base.py", line 2358, in _handle_dbapi_exception
raise exc_info[1].with_traceback(exc_info[2])
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/engine/base.py", line 1967, in _exec_single_context
self.dialect.do_execute(
File "/var/mentat/venv/lib/python3.11/site-packages/sqlalchemy/engine/default.py", line 941, in do_execute
cursor.execute(statement, parameters)
ValueError: A string literal cannot contain NUL (0x00) characters.
[in /var/mentat/venv/lib/python3.11/site-packages/hawat/base.py:203]
Updated by Rajmund Hruška 2 months ago
Similar issue on update:
Request: /users/5/update?
User: flabcesnett1
Session: <SecureCookieSession {'_fresh': False, '_id': '4058e25ab9be32025ddba6baf8b519183b88b018ff4df203114a331029ff06b77652fcf481f01c986ac56a1b2a542a815613d498b60efce34fb6c81ed005c29b', '_user_id': '5', 'csrf_token': '07826a5ef8ec563534ba03ac17956df63e5a39d9', 'identity.auth_type': None, 'identity.id': '5', 'locale': 'en', 'timezone': 'Africa/Abidjan', '_flashes': [('success', Markup('User account <strong>flabcesnett1</strong> was successfully updated.')), ('danger', Markup('Unable to update user account <strong>flabcesnett1</strong>.'))]}>
Traceback:
Traceback (most recent call last):
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/__init__.py", line 2278, in dispatch_request
return self.redirect(default_url = self.get_url_next())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/mixin.py", line 81, in redirect
return flask.redirect(
^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/helpers.py", line 285, in redirect
return current_app.redirect(location, code=code)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 2054, in redirect
return _wz_redirect(location, code=code, Response=self.response_class)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/utils.py", line 277, in redirect
response.headers["Location"] = location
~~~~~~~~~~~~~~~~^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 408, in __setitem__
self.set(key, value)
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 330, in set
_value = _str_header_value(_value)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 513, in _str_header_value
raise ValueError("Header values must not contain newline characters.")
ValueError: Header values must not contain newline characters.
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 2529, in wsgi_app
response = self.full_dispatch_request()
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1825, in full_dispatch_request
rv = self.handle_user_exception(e)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1823, in full_dispatch_request
rv = self.dispatch_request()
^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 1799, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask_login/utils.py", line 290, in decorated_view
return current_app.ensure_sync(func)(*args, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/views.py", line 107, in view
return current_app.ensure_sync(self.dispatch_request)(**kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/__init__.py", line 2281, in dispatch_request
return self.handle_error(item = item)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/__init__.py", line 1530, in handle_error
return self.redirect(default_url = self.get_url_next())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/hawat/view/mixin.py", line 81, in redirect
return flask.redirect(
^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/helpers.py", line 285, in redirect
return current_app.redirect(location, code=code)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/flask/app.py", line 2054, in redirect
return _wz_redirect(location, code=code, Response=self.response_class)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/utils.py", line 277, in redirect
response.headers["Location"] = location
~~~~~~~~~~~~~~~~^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 408, in __setitem__
self.set(key, value)
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 330, in set
_value = _str_header_value(_value)
^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/mentat/venv/lib/python3.11/site-packages/werkzeug/datastructures/headers.py", line 513, in _str_header_value
raise ValueError("Header values must not contain newline characters.")
ValueError: Header values must not contain newline characters.
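An added example, not part of the original report and not the project's fix: both tracebacks above end in a lower layer refusing control characters that came from user input (the database cursor for NUL in `login`, Werkzeug's header setter for a newline in the redirect `Location`). One way to reject such input at the form and redirect boundary so it yields a validation error rather than a 500; the function names are hypothetical, the sample inputs are constructed, and the same-site check on the redirect target goes slightly beyond the two errors shown.

```python
import unicodedata
from urllib.parse import urlsplit


class InputRejected(ValueError):
    """Input the view should answer with a 4xx response instead of a 500."""


def reject_control_chars(value: str, field: str) -> str:
    """Return value unchanged, or raise if it holds a control character.

    Unicode category Cc covers NUL (0x00), CR, LF, TAB, DEL and the C1 range.
    """
    for offset, ch in enumerate(value):
        if unicodedata.category(ch) == "Cc":
            raise InputRejected(
                f"{field}: control character U+{ord(ch):04X} at offset {offset}"
            )
    return value


def safe_next_url(candidate, default="/"):
    """Return candidate if it is a clean same-site path, else default."""
    if not candidate:
        return default
    try:
        reject_control_chars(candidate, "next")
    except InputRejected:
        return default
    parts = urlsplit(candidate)
    # Only plain local paths: no scheme, no host, no "//" or "/\" prefix.
    if parts.scheme or parts.netloc or not candidate.startswith("/"):
        return default
    if candidate[1:2] in ("/", "\\"):
        return default
    return candidate


def check_samples():
    """Run constructed inputs (not taken from the report) through both checks."""
    results = {}
    for login in ("alice", "ali\x00ce"):
        try:
            results[login] = reject_control_chars(login, "login")
        except InputRejected as exc:
            results[login] = str(exc)
    for target in ("/users/5/show", "/users/5\r\nX-Test: 1", "//example.org/"):
        results[target] = safe_next_url(target)
    return results
```

In a WTForms validator such as the `check_unique_login` seen in the first traceback, the equivalent step would be to raise a validation error before the value is passed to the query.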
Updated by Jakub Maloštik 2 months ago
- Status changed from New to In Progress
- Assignee set to Jakub Maloštik
Updated by Jakub Maloštik about 2 months ago
- Status changed from In Progress to Resolved
Updated by Rajmund Hruška about 2 months ago
- Target version changed from Backlog to 2.14
Updated by Rajmund Hruška about 2 months ago
- Status changed from Resolved to In Review
- Target version changed from 2.14 to 2.13.2
Updated by Rajmund Hruška about 2 months ago
- Status changed from In Review to Closed