Closed
Bug 100100
Opened 23 years ago
Closed 23 years ago
Undefined value as ARRAY reference in enter_bug.cgi
Categories
(Bugzilla :: Creating/Changing Bugs, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.16
People
(Reporter: stuartd, Assigned: myk)
Details
Attachments
(1 file, 1 obsolete file)
It is possible, if the product is not defined, to get an error:
Undefined value as ARRAY reference in enter_bug.cgi line 244
This can occur if you are not logged into Bugzilla, and attempt to enter a new
bug. Once logged in, and redirected to the enter_bug.cgi script, the product
information is not present. The check is for @{$::components{$product}} and if
the product is invalid, then the entry in the components array will be
undefined, and you are attempting to use the undefined value as an array
reference.
Reporter | ||
Comment 1•23 years ago
|
||
Comment 2•23 years ago
|
||
Moving to Bugzilla product
Assignee: justdave → myk
Component: Bugzilla → Creating/Changing Bugs
OS: Linux → All
Product: Webtools → Bugzilla
Hardware: PC → All
Summary: Undefined value as ARRAY reference in enter_bug.cgi → Undefined value as ARRAY reference in enter_bug.cgi
Target Milestone: --- → Bugzilla 2.16
Version: other → 2.15
Comment 3•23 years ago
|
||
I am unable to reproduce this.
And I'm unable to see why this patch is necessary. The only way you could run
into this error is if the product you entered didn't exist, and there's already
code earlier in the file that checks for that (you get the "select a product"
page if there's no product).
Is your browser perhaps corrupting the data? What browser are you using? If
it's a browser corruption issue, it still wouldn't hurt to have a check to make
sure the data is valid, but I'm not sure about the way this patch checks it.
What happens if the data is corrupted here? It looks to me like this would fall
though and let you enter the bug anyway, when it should really be throwing an
error of some sort in this situation.
Reporter | ||
Comment 4•23 years ago
|
||
In reviewing this further, I am not sure this is the complete solution.
I had a situation where an invalid product was passed to enter_bug.cgi?product=bogus
The result was the failure reported here. This can occur if someone has a link
they use directly for new bug creation.
The validation of the product seems week. With the patch listed in this bug
applied, it does fall through and allow entry anyway which it should not do.
I agree, a better solution would be to improve the validation of $product.
Although both would be more robust.
I will attatch another patch which is my attempt to validate the product name as
a solution for this.
Reporter | ||
Comment 5•23 years ago
|
||
Updated•23 years ago
|
Attachment #49601 -
Attachment is obsolete: true
Comment 6•23 years ago
|
||
OK, I verified this still exists in bugzilla.mozilla.org. I haven't had a
chance to review the patch here yet though.
Comment 7•23 years ago
|
||
Possibly a dupe of bug #30348, also with a patch.
Comment 9•23 years ago
|
||
We are currently trying to wrap up Bugzilla 2.16. We are now close enough to
release time that anything that wasn't already ranked at P1 isn't going to make
the cut. Thus this is being retargetted at 2.18. If you strongly disagree with
this retargetting, please comment, however, be aware that we only have about 2
weeks left to review and test anything at this point, and we intend to devote
this time to the remaining bugs that were designated as release blockers.
Target Milestone: Bugzilla 2.16 → Bugzilla 2.18
Comment 10•23 years ago
|
||
Also see bug 120543. This patch probably fixes it, but its not a dupe - I think
my other patch is correct from a QOI point of view. This patch goes further,
too, in checking for invalid product names.
Comment 11•23 years ago
|
||
As far as I can see (by looking at the results and the patch), this has been
fixed by templatization.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Comment 12•23 years ago
|
||
Fixed by templatization = Fixed in 2.16 -> setting milestone
Target Milestone: Bugzilla 2.18 → Bugzilla 2.16
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•