loggerhead

no such revision triggers an OOPS

Bug #698305 reported by Robert Collins on 2011-01-06

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	loggerhead	Fix Released	High	Max Kanat-Alexander

Bug Description

This may be on the wrong project, but - we're seeing OOPSes from loggerhead on simple url hacking:

OOPS-1832CBB6802 for instance

URL: http://bazaar.launchpad.net/%7Eubuntu-branches/ubuntu/lucid/langpack-locales/lucid/revision/64

  Module paste.deploy.config, line 285, in __call__
    return self.app(environ, start_response)
  Module __main__, line 149, in wrapped
  Module paste.wsgilib, line 179, in catch_errors
    app_iter = application(environ, start_response)
  Module launchpad_loggerhead.session, line 53, in __call__
    return self.cookie_handler(environ, start_response)
  Module paste.auth.cookie, line 305, in __call__
    return self.application(environ, response_hook)
  Module launchpad_loggerhead.session, line 80, in _process
    return self.application(environ, response_hook)
  Module paste.httpexceptions, line 636, in __call__
    return self.application(environ, start_response)
  Module launchpad_loggerhead.app, line 228, in __call__
    return view.app(environ, start_response)
  Module loggerhead.apps.branch, line 167, in app
    return c(environ, start_response)
  Module loggerhead.controllers, line 93, in __call__
    vals.update(self.get_values(path, kwargs, headers))
  Module loggerhead.controllers.revision_ui, line 45, in get_values
    revid = self.get_revid()
  Module loggerhead.controllers, line 115, in get_revid
    return h.fix_revid(self.args[0])
  Module loggerhead.history, line 453, in fix_revid
    raise bzrlib.errors.NoSuchRevision(self._branch_nick, revid)
NoSuchRevision: langpack-locales has no revision 64

This should return an error page to the user and not go boom.

See original description

Tags:

Related branches

lp:~mkanat/loggerhead/bad-revno-404

Merged into lp:loggerhead at revision 444

Michael Hudson-Doyle: Approve on 2011-01-11

lp:~mkanat/loggerhead/launchpad

Merged into lp:~launchpad-pqm/loggerhead/devel at revision 179

Brad Crittenden (community): Approve (code) on 2011-02-07

Launchpad PQM Bot: Pending requested 2011-01-20

Revision history for this message

Andrew Bennetts (spiv) wrote on 2011-01-08:

This could happen without URL hacking, if someone follows a link that was made before an uncommit or push --overwrite or even branch renames.

Revision history for this message

Michael Hudson-Doyle (mwhudson) wrote on 2011-01-10:

This is a particular case of bug 243422 ("Loggerhead doesn't validate user input"), but I won't mark it as a duplicate as fixing particular cases will be easier than doing a codebase-wide audit. Speaking of which, patches welcome :-)

Revision history for this message

Robert Collins (lifeless) wrote on 2011-01-10:

Thanks Michael :) - we're seeing 16K oopses from loggerhead per day on LP, so I'm keen to get low hangers cleaned up :>

description:

updated

Max Kanat-Alexander (mkanat) on 2011-01-11

Changed in loggerhead:
assignee:	nobody → Max Kanat-Alexander (mkanat)

Max Kanat-Alexander (mkanat) on 2011-01-11

Changed in loggerhead:
status:	Triaged → In Progress

Revision history for this message

Max Kanat-Alexander (mkanat) wrote on 2011-01-20:

Fixed by making the system return a 404 when asked for a revision that doesn't exist.

Changed in loggerhead:
status:	In Progress → Fix Committed

Robert Collins (lifeless) on 2012-09-11

Changed in loggerhead:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.