Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-33037

hudson.model.Fingerprint.RangeSet.fromString(...) accepts malformed ranges

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • core
    • None

      hudson.model.Fingerprint.RangeSet.fromString(...) accepts a malformed form of string which doesn't represent any range like:

      • "1--5" or "1------5"
      • "1,,5" or "1,,,,,,,5"
      • "1-5-"
      • ",-,"
      • "1-"
      • ",1,2"
      • "5-1" etc.

      Proposed fix:
      We should be very rigid and careful of input validation because this function is directly utilized from e.g. AbstractBuildRangeCommand class where user input string is passed directly without any validation.

          [JENKINS-33037] hudson.model.Fingerprint.RangeSet.fromString(...) accepts malformed ranges

            pajasoft Pavel Janoušek
            pajasoft Pavel Janoušek
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: