Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-33037

hudson.model.Fingerprint.RangeSet.fromString(...) accepts malformed ranges

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved (View Workflow)
    • Priority: Minor
    • Resolution: Fixed
    • Component/s: core
    • Labels:
      None
    • Similar Issues:

      Description

      hudson.model.Fingerprint.RangeSet.fromString(...) accepts a malformed form of string which doesn't represent any range like:

      • "1--5" or "1------5"
      • "1,,5" or "1,,,,,,,5"
      • "1-5-"
      • ",-,"
      • "1-"
      • ",1,2"
      • "5-1" etc.

      Proposed fix:
      We should be very rigid and careful of input validation because this function is directly utilized from e.g. AbstractBuildRangeCommand class where user input string is passed directly without any validation.

        Attachments

          Activity

          Hide
          dogfood dogfood added a comment -

          Integrated in jenkins_main_trunk #4509
          JENKINS-33037 Fixed malformed ranges in RangeSet.fromString() (Revision c1621a2bd09533f874c4aff9d193c334ee97078d)

          Result = SUCCESS
          pjanouse : c1621a2bd09533f874c4aff9d193c334ee97078d
          Files :

          • core/src/main/java/hudson/model/Fingerprint.java
          • core/src/test/java/hudson/model/FingerprintTest.java
          Show
          dogfood dogfood added a comment - Integrated in jenkins_main_trunk #4509 JENKINS-33037 Fixed malformed ranges in RangeSet.fromString() (Revision c1621a2bd09533f874c4aff9d193c334ee97078d) Result = SUCCESS pjanouse : c1621a2bd09533f874c4aff9d193c334ee97078d Files : core/src/main/java/hudson/model/Fingerprint.java core/src/test/java/hudson/model/FingerprintTest.java
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Oliver Gondža
          Path:
          core/src/main/java/hudson/model/Fingerprint.java
          core/src/test/java/hudson/model/FingerprintTest.java
          http://jenkins-ci.org/commit/jenkins/8ba59197e4d44444631c9cf2570749d49f25a724
          Log:
          Merge pull request #2049 from pjanouse/JENKINS-33037

          [FIXED JENKINS-33037] Fixed malformed ranges in RangeSet.fromString()

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Oliver Gondža Path: core/src/main/java/hudson/model/Fingerprint.java core/src/test/java/hudson/model/FingerprintTest.java http://jenkins-ci.org/commit/jenkins/8ba59197e4d44444631c9cf2570749d49f25a724 Log: Merge pull request #2049 from pjanouse/ JENKINS-33037 [FIXED JENKINS-33037] Fixed malformed ranges in RangeSet.fromString()
          Hide
          scm_issue_link SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Ing. Pavel Janousek
          Path:
          core/src/main/java/hudson/model/Fingerprint.java
          core/src/test/java/hudson/model/FingerprintTest.java
          http://jenkins-ci.org/commit/jenkins/c1621a2bd09533f874c4aff9d193c334ee97078d
          Log:
          JENKINS-33037 Fixed malformed ranges in RangeSet.fromString()

          Fix for rejecting malformed ranges in
          hudson.model.Fingerprint.RangeSet.fromString(...)

          Show
          scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Ing. Pavel Janousek Path: core/src/main/java/hudson/model/Fingerprint.java core/src/test/java/hudson/model/FingerprintTest.java http://jenkins-ci.org/commit/jenkins/c1621a2bd09533f874c4aff9d193c334ee97078d Log: JENKINS-33037 Fixed malformed ranges in RangeSet.fromString() Fix for rejecting malformed ranges in hudson.model.Fingerprint.RangeSet.fromString(...)
          Hide
          pajasoft Pavel Janoušek added a comment -

          PR sent.

          Show
          pajasoft Pavel Janoušek added a comment - PR sent.

            People

            Assignee:
            pajasoft Pavel Janoušek
            Reporter:
            pajasoft Pavel Janoušek
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: