Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-32349

Entering a newline in a Label description makes "slave" matrix axis unavailable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • core, matrix-project-plugin

      Problem
      If a newline is present in a Label description (), the matrix job configuration "Slaves' option will not be selectable (jenk3-slaves-problem.png). No error is seen in the log files.

      To reproduce
      1). Create a Jenkins slave (if needed). Add a label to that slave MY_LABEL. Edit the label's description as follows:

       "This is 
      a newline in the description"
      

      2). Create a new Multi-configuration project
      3). Attempt to add a "Slaves" axis. The expected dropdown will not appear and it won't be possible to add a Slaves axis.

      Possible cause
      in (JENKINS_HOME)/labels/label.xml, the tags <description> and </description> must be on the same line. The newline in the description adds a newline before the </description> tag above, which seems to cause the matrix job problem as described above. Please see attachments for an example.

      Workaround
      Avoid newlines in the Label description. HTML is permissable there.
      Simple guideline: do not enter a newline when making a label description. One MAY use html <br> and other HTML tags.

      Good:

      This is <b>my</b> name,<br>Matt
      

      Bad:

      This is my name,
      <a newline here causes this issue>
      Matt 
      

          [JENKINS-32349] Entering a newline in a Label description makes "slave" matrix axis unavailable

          I just ran into this as well on Jenkins 1.646. It seems to me that the reason is that the hudson.Functions.jsStringEscape() function (https://github.com/jenkinsci/jenkins/blob/ac566a91e44e3482083355bd5cde3cf65610c4a3/core/src/main/java/hudson/Functions.java#L1333 called from hudson.matrix.LabelAxis.DescriptorImpl.buildLabelCheckBox() called from matrix-project-plugin/src/main/resources/hudson/matrix/LabelAxis/config.jelly) does not escape newlines, so that executing the generated JavaScript code fails with a syntax error. The following patch might therefore fix it (I have not tested this however and don’t have time to):

          diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
          index 188412b..dd74ada 100644
          --- a/core/src/main/java/hudson/Functions.java
          +++ b/core/src/main/java/hudson/Functions.java
          @@ -1344,6 +1344,9 @@ public class Functions {
                       case '"':
                           buf.append("\\\"");
                           break;
          +            case '\n':
          +                buf.append("\\n");
          +                break;
                       default:
                           buf.append(ch);
                       }
          

          However, maybe showing only the first line of the description would be better – something like this (not tested either):

          diff --git a/src/main/java/hudson/matrix/LabelAxis.java b/src/main/java/hudson/matrix/LabelAxis.java
          index de8b6d1..672cad7 100644
          --- a/src/main/java/hudson/matrix/LabelAxis.java
          +++ b/src/main/java/hudson/matrix/LabelAxis.java
          @@ -79,7 +79,7 @@ public class LabelAxis extends Axis {
                                   Functions.htmlAttributeEscape(la.getName()))
                              +String.format("+has(%s)+",jsstr(la.getName()))
                              +jsstr("/><label class='attach-previous'>%s (%s)</label>",
          -                        la.getName(),la.getDescription());
          +                        la.getName(),la.getDescription().split("[\\r\\n]", 2)[0]);
                       // '${h.jsStringEscape('<input type="checkbox" name="values" json="'+h.htmlAttributeEscape(l.name)+'" ')}'+has("${h.jsStringEscape(l.name)}")+'${h.jsStringEscape('/><label class="attach-previous">'+l.name+' ('+l.description+')</label>')}'
                   }
               }
          

          Christian Walther added a comment - I just ran into this as well on Jenkins 1.646. It seems to me that the reason is that the hudson.Functions.jsStringEscape() function ( https://github.com/jenkinsci/jenkins/blob/ac566a91e44e3482083355bd5cde3cf65610c4a3/core/src/main/java/hudson/Functions.java#L1333 called from hudson.matrix.LabelAxis.DescriptorImpl.buildLabelCheckBox() called from matrix-project-plugin/src/main/resources/hudson/matrix/LabelAxis/config.jelly) does not escape newlines, so that executing the generated JavaScript code fails with a syntax error. The following patch might therefore fix it (I have not tested this however and don’t have time to): diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java index 188412b..dd74ada 100644 --- a/core/src/main/java/hudson/Functions.java +++ b/core/src/main/java/hudson/Functions.java @@ -1344,6 +1344,9 @@ public class Functions { case '"' : buf.append( "\\\" "); break ; + case '\n' : + buf.append( "\\n" ); + break ; default : buf.append(ch); } However, maybe showing only the first line of the description would be better – something like this (not tested either): diff --git a/src/main/java/hudson/matrix/LabelAxis.java b/src/main/java/hudson/matrix/LabelAxis.java index de8b6d1..672cad7 100644 --- a/src/main/java/hudson/matrix/LabelAxis.java +++ b/src/main/java/hudson/matrix/LabelAxis.java @@ -79,7 +79,7 @@ public class LabelAxis extends Axis { Functions.htmlAttributeEscape(la.getName())) + String .format( "+has(%s)+" ,jsstr(la.getName())) +jsstr( "/><label class= 'attach-previous' >%s (%s)</label>" , - la.getName(),la.getDescription()); + la.getName(),la.getDescription().split( "[\\r\\n]" , 2)[0]); // '${h.jsStringEscape(' <input type= "checkbox" name= "values" json= " '+h.htmlAttributeEscape(l.name)+' " ')}' +has( "${h.jsStringEscape(l.name)}" )+ '${h.jsStringEscape(' /><label class= "attach-previous" > '+l.name+' ( '+l.description+' )</label> ')}' } }

          Hi all,

          Any update on this?

          Not a major issues, but it makes our label descriptions hard to edit...

          With best regards,
          Tom.

          Tom Ghyselinck added a comment - Hi all, Any update on this? Not a major issues, but it makes our label descriptions hard to edit... With best regards, Tom.

          Might not be just newlines but also special characters (e.g.: german Umlauts like 'ü')

          Christoph Linder added a comment - Might not be just newlines but also special characters (e.g.: german Umlauts like 'ü')

          We just ran across this issue.

          Reproduced: german Umlauts like ü are not a problem

          Reproduced: new lines are the problem

           

          Futhermore a "corrupted" label destroys the configuration of a job if one saves the job (without any change by the user). Steps 2 repeat for this:

          • Having a working matrix job
          • create label with newline
          • Opening Job Config
          • Hit save (no manual changes)
          • => Job is no longer working, as the setting of labels/slaves was deleted from the underlying xml

          Benedikt Brückmann added a comment - We just ran across this issue. Reproduced: german Umlauts like ü are not a problem Reproduced: new lines are the problem   Futhermore a "corrupted" label destroys the configuration of a job if one saves the job (without any change by the user). Steps 2 repeat for this: Having a working matrix job create label with newline Opening Job Config Hit save (no manual changes) => Job is no longer working, as the setting of labels/slaves was deleted from the underlying xml

          Alex Vesely added a comment -

          Just encountered this. Problem is very easy to solve when you know what to look for, but for a large configuration with many administrators it is a total mystery: someone updates a label description (which is perceived as a safe enough action), and another admin is unable to set labels anymore the next day. 
          As described in the previous comment, this leads to broken jobs when you save an existing multi-config job.

          Alex Vesely added a comment - Just encountered this. Problem is very easy to solve when you know what to look for, but for a large configuration with many administrators it is a total mystery: someone updates a label description (which is perceived as a safe enough action), and another admin is unable to set labels anymore the next day.  As described in the previous comment, this leads to broken jobs when you save an existing multi-config job.

          Christoph Linder added a comment - - edited

          Since this bug is triggered javascript eval() (security anyone?) plus some breakage occurs (config messed up if saved, see above):

          is this really a "minor" bug?
          I suggest raising its severity to "major"

           

          Christoph Linder added a comment - - edited Since this bug is triggered javascript eval() (security anyone?) plus some breakage occurs (config messed up if saved, see above): is this really a "minor" bug? I suggest raising its severity to "major"  

            kohsuke Kohsuke Kawaguchi
            mmlegra Matt Legrand
            Votes:
            6 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated: