Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Group: Limit the input size to <= SQL 'gid' column #36275

Closed
solracsf opened this issue Jan 20, 2023 · 1 comment
Closed

Add Group: Limit the input size to <= SQL 'gid' column #36275

solracsf opened this issue Jan 20, 2023 · 1 comment
Labels
1. to develop Accepted and waiting to be taken care of 25-feedback bug feature: users and groups

Comments

@solracsf
Copy link
Member

solracsf commented Jan 20, 2023
edited
Loading

To reproduce (v24.0.9 and 25.0.2):

  1. Try to add a new Group with a very big string Name (size is not limited on the input, this is the problem), like:

This is my very big group with a very big string that will trigger the MySQL Error because is too big for the column

  1. Error:
{
  "reqId": "qgb3hlAsxLAV8tfTYtMX",
  "level": 3,
  "time": "2023-01-20T14:33:01+01:00",
  "app": "no app in context",
  "method": "POST",
  "url": "/ocs/v2.php/cloud/groups",
  "message": "An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'gid' at row 1",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36",
  "version": "25.0.2.3",
  "exception": {
    "Exception": "Doctrine\\DBAL\\Exception\\DriverException",
    "Message": "An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'gid' at row 1",
    "Code": 1406,
    "Trace": [
      {
        "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Connection.php",
        "line": 1780,
        "function": "convert",
        "class": "Doctrine\\DBAL\\Driver\\API\\MySQL\\ExceptionConverter",
        "type": "->",
        "args": [
          {
            "__class__": "Doctrine\\DBAL\\Driver\\PDO\\Exception"
          },
          {
            "__class__": "Doctrine\\DBAL\\Query"
          }
        ]
      },
      {
        "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Connection.php",
        "line": 1719,
        "function": "handleDriverException",
        "class": "Doctrine\\DBAL\\Connection",
        "type": "->",
        "args": [
          {
            "__class__": "Doctrine\\DBAL\\Driver\\PDO\\Exception"
          },
          {
            "__class__": "Doctrine\\DBAL\\Query"
          }
        ]
      },
      {
        "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Connection.php",
        "line": 1173,
        "function": "convertExceptionDuringQuery",
        "class": "Doctrine\\DBAL\\Connection",
        "type": "->",
        "args": [
          {
            "__class__": "Doctrine\\DBAL\\Driver\\PDO\\Exception"
          },
          "INSERT INTO `oc_groups` (`gid`, `displayname`) VALUES(?, ?)",
          [
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
          ],
          [
            2,
            2
          ]
        ]
      },
      {
        "file": "/var/www/nextcloud/lib/private/DB/Connection.php",
        "line": 294,
        "function": "executeStatement",
        "class": "Doctrine\\DBAL\\Connection",
        "type": "->",
        "args": [
          "INSERT INTO `oc_groups` (`gid`, `displayname`) VALUES(?, ?)",
          [
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
          ],
          [
            2,
            2
          ]
        ]
      },
      {
        "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php",
        "line": 354,
        "function": "executeStatement",
        "class": "OC\\DB\\Connection",
        "type": "->",
        "args": [
          "INSERT INTO `oc_groups` (`gid`, `displayname`) VALUES(:dcValue1, :dcValue2)",
          [
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
          ],
          [
            2,
            2
          ]
        ]
      },
      {
        "file": "/var/www/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php",
        "line": 281,
        "function": "execute",
        "class": "Doctrine\\DBAL\\Query\\QueryBuilder",
        "type": "->",
        "args": []
      },
      {
        "file": "/var/www/nextcloud/lib/private/Group/Database.php",
        "line": 103,
        "function": "execute",
        "class": "OC\\DB\\QueryBuilder\\QueryBuilder",
        "type": "->",
        "args": []
      },
      {
        "file": "/var/www/nextcloud/lib/private/Group/Manager.php",
        "line": 221,
        "function": "createGroup",
        "class": "OC\\Group\\Database",
        "type": "->",
        "args": [
          "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
        ]
      },
      {
        "file": "/var/www/nextcloud/apps/provisioning_api/lib/Controller/GroupsController.php",
        "line": 250,
        "function": "createGroup",
        "class": "OC\\Group\\Manager",
        "type": "->",
        "args": [
          "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
        ]
      },
      {
        "file": "/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 225,
        "function": "addGroup",
        "class": "OCA\\Provisioning_API\\Controller\\GroupsController",
        "type": "->",
        "args": [
          "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
          ""
        ]
      },
      {
        "file": "/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 133,
        "function": "executeController",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->",
        "args": [
          {
            "__class__": "OCA\\Provisioning_API\\Controller\\GroupsController"
          },
          "addGroup"
        ]
      },
      {
        "file": "/var/www/nextcloud/lib/private/AppFramework/App.php",
        "line": 172,
        "function": "dispatch",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->",
        "args": [
          {
            "__class__": "OCA\\Provisioning_API\\Controller\\GroupsController"
          },
          "addGroup"
        ]
      },
      {
        "file": "/var/www/nextcloud/lib/private/Route/Router.php",
        "line": 298,
        "function": "main",
        "class": "OC\\AppFramework\\App",
        "type": "::",
        "args": [
          "OCA\\Provisioning_API\\Controller\\GroupsController",
          "addGroup",
          {
            "__class__": "OC\\AppFramework\\DependencyInjection\\DIContainer"
          },
          [
            "ocs.provisioning_api.Groups.addGroup"
          ]
        ]
      },
      {
        "file": "/var/www/nextcloud/ocs/v1.php",
        "line": 63,
        "function": "match",
        "class": "OC\\Route\\Router",
        "type": "->",
        "args": [
          "/ocsapp/cloud/groups"
        ]
      },
      {
        "file": "/var/www/nextcloud/ocs/v2.php",
        "line": 23,
        "args": [
          "/var/www/nextcloud/ocs/v1.php"
        ],
        "function": "require_once"
      }
    ],
    "File": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Driver/API/MySQL/ExceptionConverter.php",
    "Line": 114,
    "Previous": {
      "Exception": "Doctrine\\DBAL\\Driver\\PDO\\Exception",
      "Message": "SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'gid' at row 1",
      "Code": 1406,
      "Trace": [
        {
          "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php",
          "line": 94,
          "function": "new",
          "class": "Doctrine\\DBAL\\Driver\\PDO\\Exception",
          "type": "::",
          "args": [
            {
              "__class__": "PDOException",
              "errorInfo": [
                "22001",
                1406,
                "Data too long for column 'gid' at row 1"
              ]
            }
          ]
        },
        {
          "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Connection.php",
          "line": 1163,
          "function": "execute",
          "class": "Doctrine\\DBAL\\Driver\\PDO\\Statement",
          "type": "->",
          "args": []
        },
        {
          "file": "/var/www/nextcloud/lib/private/DB/Connection.php",
          "line": 294,
          "function": "executeStatement",
          "class": "Doctrine\\DBAL\\Connection",
          "type": "->",
          "args": [
            "INSERT INTO `oc_groups` (`gid`, `displayname`) VALUES(?, ?)",
            [
              "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
              "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
            ],
            [
              2,
              2
            ]
          ]
        },
        {
          "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php",
          "line": 354,
          "function": "executeStatement",
          "class": "OC\\DB\\Connection",
          "type": "->",
          "args": [
            "INSERT INTO `oc_groups` (`gid`, `displayname`) VALUES(:dcValue1, :dcValue2)",
            [
              "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
              "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
            ],
            [
              2,
              2
            ]
          ]
        },
        {
          "file": "/var/www/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php",
          "line": 281,
          "function": "execute",
          "class": "Doctrine\\DBAL\\Query\\QueryBuilder",
          "type": "->",
          "args": []
        },
        {
          "file": "/var/www/nextcloud/lib/private/Group/Database.php",
          "line": 103,
          "function": "execute",
          "class": "OC\\DB\\QueryBuilder\\QueryBuilder",
          "type": "->",
          "args": []
        },
        {
          "file": "/var/www/nextcloud/lib/private/Group/Manager.php",
          "line": 221,
          "function": "createGroup",
          "class": "OC\\Group\\Database",
          "type": "->",
          "args": [
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
          ]
        },
        {
          "file": "/var/www/nextcloud/apps/provisioning_api/lib/Controller/GroupsController.php",
          "line": 250,
          "function": "createGroup",
          "class": "OC\\Group\\Manager",
          "type": "->",
          "args": [
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
          ]
        },
        {
          "file": "/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
          "line": 225,
          "function": "addGroup",
          "class": "OCA\\Provisioning_API\\Controller\\GroupsController",
          "type": "->",
          "args": [
            "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
            ""
          ]
        },
        {
          "file": "/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
          "line": 133,
          "function": "executeController",
          "class": "OC\\AppFramework\\Http\\Dispatcher",
          "type": "->",
          "args": [
            {
              "__class__": "OCA\\Provisioning_API\\Controller\\GroupsController"
            },
            "addGroup"
          ]
        },
        {
          "file": "/var/www/nextcloud/lib/private/AppFramework/App.php",
          "line": 172,
          "function": "dispatch",
          "class": "OC\\AppFramework\\Http\\Dispatcher",
          "type": "->",
          "args": [
            {
              "__class__": "OCA\\Provisioning_API\\Controller\\GroupsController"
            },
            "addGroup"
          ]
        },
        {
          "file": "/var/www/nextcloud/lib/private/Route/Router.php",
          "line": 298,
          "function": "main",
          "class": "OC\\AppFramework\\App",
          "type": "::",
          "args": [
            "OCA\\Provisioning_API\\Controller\\GroupsController",
            "addGroup",
            {
              "__class__": "OC\\AppFramework\\DependencyInjection\\DIContainer"
            },
            [
              "ocs.provisioning_api.Groups.addGroup"
            ]
          ]
        },
        {
          "file": "/var/www/nextcloud/ocs/v1.php",
          "line": 63,
          "function": "match",
          "class": "OC\\Route\\Router",
          "type": "->",
          "args": [
            "/ocsapp/cloud/groups"
          ]
        },
        {
          "file": "/var/www/nextcloud/ocs/v2.php",
          "line": 23,
          "args": [
            "/var/www/nextcloud/ocs/v1.php"
          ],
          "function": "require_once"
        }
      ],
      "File": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Driver/PDO/Exception.php",
      "Line": 26,
      "Previous": {
        "Exception": "PDOException",
        "Message": "SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'gid' at row 1",
        "Code": "22001",
        "Trace": [
          {
            "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php",
            "line": 92,
            "function": "execute",
            "class": "PDOStatement",
            "type": "->",
            "args": [
              null
            ]
          },
          {
            "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Connection.php",
            "line": 1163,
            "function": "execute",
            "class": "Doctrine\\DBAL\\Driver\\PDO\\Statement",
            "type": "->",
            "args": []
          },
          {
            "file": "/var/www/nextcloud/lib/private/DB/Connection.php",
            "line": 294,
            "function": "executeStatement",
            "class": "Doctrine\\DBAL\\Connection",
            "type": "->",
            "args": [
              "INSERT INTO `oc_groups` (`gid`, `displayname`) VALUES(?, ?)",
              [
                "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
                "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
              ],
              [
                2,
                2
              ]
            ]
          },
          {
            "file": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php",
            "line": 354,
            "function": "executeStatement",
            "class": "OC\\DB\\Connection",
            "type": "->",
            "args": [
              "INSERT INTO `oc_groups` (`gid`, `displayname`) VALUES(:dcValue1, :dcValue2)",
              [
                "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
                "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
              ],
              [
                2,
                2
              ]
            ]
          },
          {
            "file": "/var/www/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php",
            "line": 281,
            "function": "execute",
            "class": "Doctrine\\DBAL\\Query\\QueryBuilder",
            "type": "->",
            "args": []
          },
          {
            "file": "/var/www/nextcloud/lib/private/Group/Database.php",
            "line": 103,
            "function": "execute",
            "class": "OC\\DB\\QueryBuilder\\QueryBuilder",
            "type": "->",
            "args": []
          },
          {
            "file": "/var/www/nextcloud/lib/private/Group/Manager.php",
            "line": 221,
            "function": "createGroup",
            "class": "OC\\Group\\Database",
            "type": "->",
            "args": [
              "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
            ]
          },
          {
            "file": "/var/www/nextcloud/apps/provisioning_api/lib/Controller/GroupsController.php",
            "line": 250,
            "function": "createGroup",
            "class": "OC\\Group\\Manager",
            "type": "->",
            "args": [
              "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column"
            ]
          },
          {
            "file": "/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
            "line": 225,
            "function": "addGroup",
            "class": "OCA\\Provisioning_API\\Controller\\GroupsController",
            "type": "->",
            "args": [
              "This is my very big group with a very big string taht will trigger the MySQL Error bacause is too big for to column",
              ""
            ]
          },
          {
            "file": "/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
            "line": 133,
            "function": "executeController",
            "class": "OC\\AppFramework\\Http\\Dispatcher",
            "type": "->",
            "args": [
              {
                "__class__": "OCA\\Provisioning_API\\Controller\\GroupsController"
              },
              "addGroup"
            ]
          },
          {
            "file": "/var/www/nextcloud/lib/private/AppFramework/App.php",
            "line": 172,
            "function": "dispatch",
            "class": "OC\\AppFramework\\Http\\Dispatcher",
            "type": "->",
            "args": [
              {
                "__class__": "OCA\\Provisioning_API\\Controller\\GroupsController"
              },
              "addGroup"
            ]
          },
          {
            "file": "/var/www/nextcloud/lib/private/Route/Router.php",
            "line": 298,
            "function": "main",
            "class": "OC\\AppFramework\\App",
            "type": "::",
            "args": [
              "OCA\\Provisioning_API\\Controller\\GroupsController",
              "addGroup",
              {
                "__class__": "OC\\AppFramework\\DependencyInjection\\DIContainer"
              },
              [
                "ocs.provisioning_api.Groups.addGroup"
              ]
            ]
          },
          {
            "file": "/var/www/nextcloud/ocs/v1.php",
            "line": 63,
            "function": "match",
            "class": "OC\\Route\\Router",
            "type": "->",
            "args": [
              "/ocsapp/cloud/groups"
            ]
          },
          {
            "file": "/var/www/nextcloud/ocs/v2.php",
            "line": 23,
            "args": [
              "/var/www/nextcloud/ocs/v1.php"
            ],
            "function": "require_once"
          }
        ],
        "File": "/var/www/nextcloud/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php",
        "Line": 92
      }
    },
    "CustomMessage": "--"
  },
  "id": "63ca98164ab39"
}
@solracsf solracsf added bug enhancement 0. Needs triage Pending check for reproducibility or if it fits our roadmap 24-feedback 25-feedback 1. to develop Accepted and waiting to be taken care of and removed 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Jan 20, 2023
@solracsf
Copy link
Member Author

Fixed by #44763

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1. to develop Accepted and waiting to be taken care of 25-feedback bug feature: users and groups
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@joshtrichards @solracsf @szaimen