[jira] [Commented] (SOLR-13202) Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
[
https://issues.apache.org/jira/browse/SOLR-13202?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16761743#comment-16761743
]
Cesar Rodriguez commented on SOLR-13202:
In fact, if you run Solr with assertions enabled, the queries above produce an
assertion violation in the constructor of {{JoinQuery}}, which clearly says it
doesn't want null pointers:
{code:java}
public JoinQuery(String fromField, String toField, String coreName, Query
subQuery) {
assert null != fromField;
assert null != toField;
assert null != subQuery;
this.fromField = fromField;
this.toField = toField;
this.q = subQuery;
this.fromIndex = coreName; // may be null
}
{code}
> Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
> --
>
> Key: SOLR-13202
> URL: https://issues.apache.org/jira/browse/SOLR-13202
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Major
> Labels: diffblue, newdev
> Attachments: home.zip
>
>
> Requesting any of the following URLs causes Solr to return an HTTP 500 error
> response:
> {noformat}
> http://localhost:8983/solr/films/select?fq={!join%20from=b%20to=a}
> http://localhost:8983/solr/films/select?fq={!join%20to=a}
> http://localhost:8983/solr/films/select?fq={!join}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at org.apache.solr.search.JoinQuery.hashCode(JoinQParserPlugin.java:578)
> at org.apache.solr.search.QueryResultKey.(QueryResultKey.java:52)
> at
> org.apache.solr.search.SolrIndexSearcher.getDocListC(SolrIndexSearcher.java:1328)
> at
> org.apache.solr.search.SolrIndexSearcher.search(SolrIndexSearcher.java:567)
> at
> org.apache.solr.handler.component.QueryComponent.doProcessUngroupedSearch(QueryComponent.java:1434)
> at
> org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:373)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> [...]
> {noformat}
> The problem seems to be related with method {{hasCode}} in the class
> {{org.apache.solr.search.JoinQuery}}:
> {code:java}
> @Override
> public int hashCode() {
> int h = classHash();
> h = h * 31 + fromField.hashCode();
> h = h * 31 + toField.hashCode();
> h = h * 31 + q.hashCode();
> h = h * 31 + Objects.hashCode(fromIndex);
> h = h * 31 + (int) fromCoreOpenTime;
> return h;
> }
> {code}
> The URLs provided above selectively leave uninitialized the fields
> {{fromField}}, {{fromIndex}}, {{q}}, and {{toField}}, but all of these fields
> are accessed by this method.
>
> We found this issue and ~70 more like this using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
> information on
[jira] [Commented] (SOLR-12330) Referencing non existing parameter in JSON Facet "filter" (and/or other NPEs) either reported too little and even might be ignored
[
https://issues.apache.org/jira/browse/SOLR-12330?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16759168#comment-16759168
]
Cesar Rodriguez commented on SOLR-12330:
[~mkhludnev], in regard to the following:
{quote}I suppose we can't hunt for those NPE rows one by one, but rater wrap
FacetModule invocation with catch(Exception e) {throw new
SolrException(...,e);}{quote}
I believe you are already aware, but in case it helps, among the 28 issues we
have already submitted this week, 6 of them seem to be related to the facet
module:
https://issues.apache.org/jira/browse/SOLR-13206?jql=labels%20%3D%20diffblue%20AND%20text%20~%20%22facet%22
And 3 of them are NPEs. Each of those tickets contains a stack trace.
Would it be useful if we run a more detailed analysis in this module, aiming at
finding more NPEs or other issues? Cf. my mail to the developer's mailing list
last Monday.
> Referencing non existing parameter in JSON Facet "filter" (and/or other NPEs)
> either reported too little and even might be ignored
> ---
>
> Key: SOLR-12330
> URL: https://issues.apache.org/jira/browse/SOLR-12330
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Facet Module
>Affects Versions: 7.3
>Reporter: Mikhail Khludnev
>Assignee: Mikhail Khludnev
>Priority: Major
> Attachments: SOLR-12330.patch, SOLR-12330.patch, SOLR-12330.patch
>
>
> Just encounter such weird behaviour, will recheck and followup.
> {{"filter":["\{!v=$bogus}"]}} responds back with just NPE which makes
> impossible to guess the reason.
> It might be even worse, since {{"filter":[\{"param":"bogus"}]}} seems like
> just silently ignored.
> Once agin, I'll double check.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13181) NullPointerException in org.apache.solr.request.macro.MacroExpander
[
https://issues.apache.org/jira/browse/SOLR-13181?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16758597#comment-16758597
]
Cesar Rodriguez commented on SOLR-13181:
Thanks [~cpoerschke], and sorry for the patch naming, I've renamed the file now.
I will try to write a test, but note that I found this bug using an automatic
tool and I'm not sure I follow the code very well!
> NullPointerException in org.apache.solr.request.macro.MacroExpander
> ---
>
> Key: SOLR-13181
> URL: https://issues.apache.org/jira/browse/SOLR-13181
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue, newdev
> Attachments: SOLR-13181.patch, home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?a=${${b}}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -4
> at java.lang.String.substring(String.java:1967)
> at
> org.apache.solr.request.macro.MacroExpander._expand(MacroExpander.java:150)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:101)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:65)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:51)
> at
> org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:159)
> at
> org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)
> [...]
> {noformat}
> Parameter [macro
> expansion|http://yonik.com/solr-query-parameter-substitution/] seems to take
> place in {{org.apache.solr.request.macro.MacroExpander._expand(String val)}}.
> From reading the code of the function it seems that macros are not expanded
> inside curly brackets {{${...}}}, and so the {{${b}}} inside
> {noformat}
> ${${b}}
> {noformat}
> should not be expanded. But the function seems to fail to detect this
> specific case and graciously refuse to expand it.
> A possible fix could be updating the {{idx}} variable when the {{StrParser}}
> detects that no valid identifier can be found inside the brackets. See
> attached file
> {{0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch}}.
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13181) NullPointerException in org.apache.solr.request.macro.MacroExpander
[
https://issues.apache.org/jira/browse/SOLR-13181?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13181:
---
Attachment: (was:
0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch)
> NullPointerException in org.apache.solr.request.macro.MacroExpander
> ---
>
> Key: SOLR-13181
> URL: https://issues.apache.org/jira/browse/SOLR-13181
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue, newdev
> Attachments: SOLR-13181.patch, home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?a=${${b}}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -4
> at java.lang.String.substring(String.java:1967)
> at
> org.apache.solr.request.macro.MacroExpander._expand(MacroExpander.java:150)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:101)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:65)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:51)
> at
> org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:159)
> at
> org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)
> [...]
> {noformat}
> Parameter [macro
> expansion|http://yonik.com/solr-query-parameter-substitution/] seems to take
> place in {{org.apache.solr.request.macro.MacroExpander._expand(String val)}}.
> From reading the code of the function it seems that macros are not expanded
> inside curly brackets {{${...}}}, and so the {{${b}}} inside
> {noformat}
> ${${b}}
> {noformat}
> should not be expanded. But the function seems to fail to detect this
> specific case and graciously refuse to expand it.
> A possible fix could be updating the {{idx}} variable when the {{StrParser}}
> detects that no valid identifier can be found inside the brackets. See
> attached file
> {{0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch}}.
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13181) NullPointerException in org.apache.solr.request.macro.MacroExpander
[
https://issues.apache.org/jira/browse/SOLR-13181?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13181:
---
Attachment: SOLR-13181.patch
> NullPointerException in org.apache.solr.request.macro.MacroExpander
> ---
>
> Key: SOLR-13181
> URL: https://issues.apache.org/jira/browse/SOLR-13181
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue, newdev
> Attachments: SOLR-13181.patch, home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?a=${${b}}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -4
> at java.lang.String.substring(String.java:1967)
> at
> org.apache.solr.request.macro.MacroExpander._expand(MacroExpander.java:150)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:101)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:65)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:51)
> at
> org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:159)
> at
> org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)
> [...]
> {noformat}
> Parameter [macro
> expansion|http://yonik.com/solr-query-parameter-substitution/] seems to take
> place in {{org.apache.solr.request.macro.MacroExpander._expand(String val)}}.
> From reading the code of the function it seems that macros are not expanded
> inside curly brackets {{${...}}}, and so the {{${b}}} inside
> {noformat}
> ${${b}}
> {noformat}
> should not be expanded. But the function seems to fail to detect this
> specific case and graciously refuse to expand it.
> A possible fix could be updating the {{idx}} variable when the {{StrParser}}
> detects that no valid identifier can be found inside the brackets. See
> attached file
> {{0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch}}.
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13180) ClassCastExceptions in o.a.s.s.facet.FacetModule for valid JSON inputs that are not objects
[
https://issues.apache.org/jira/browse/SOLR-13180?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16758584#comment-16758584
]
Cesar Rodriguez commented on SOLR-13180:
Thanks [~janhoy], following this and your email we stopped including the
{{home.zip}} in subsequent tickets. Also, please note that the 'Environment'
field of all of the bug reports we did contain the necessary instructions to
rebuild the films collections ;)
> ClassCastExceptions in o.a.s.s.facet.FacetModule for valid JSON inputs that
> are not objects
> ---
>
> Key: SOLR-13180
> URL: https://issues.apache.org/jira/browse/SOLR-13180
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Facet Module
>Affects Versions: 7.5, master (9.0)
> Environment: Running on Unix, using a git checkout close to master.
> h2. Steps to reproduce
> * Build commit ea2c8ba of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command \{{“./bin/solr start -f -p 8983 -s
> /tmp/home”}}
> * Request the URL above.
> h2. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h2. Building the collection
> We followed Exercise 2 from the quick start tutorial
> ([http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2]) -
> for reference, I have attached a copy of the database.
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary
> '\\{"add-field": {"name":"name", "type":"text_general", "multiValued":false,
> "stored":true}}' http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '\{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> [http://localhost:8983/solr/films/schema]
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Johannes Kloos
>Priority: Minor
> Labels: diffblue, newdev
> Attachments: SOLR-13180.patch, home.zip
>
>
> Requesting the following URL gives a 500 error due to a ClassCastException in
> o.a.s.s.f.FacetModule: [http://localhost:8983/solr/films/select?json=0]
> The error response is caught by an uncaught ClassCastException, with the
> stacktrace shown here:
> java.lang.ClassCastException: java.lang.Long cannot be cast to java.util.Map
> at org.apache.solr.search.facet.FacetModule.prepare(FacetModule.java:78)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
>
> The cause of this bug is similar to #13178: line 78 in FacetModule reads
> {{jsonFacet = (Map) json.get("facet")}}
> and assumes that the JSON object contained in facet is a JSON object, while
> we only guarantee that it is a JSON value.
> Line 92 semms to contain another situation like this, but I do not have a
> test case handy for this specific case.
> This bug was found using [Diffblue Microservices
> Testing|http://www.diffblue.com/labs]. Find more information on this [test
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13202) Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
[
https://issues.apache.org/jira/browse/SOLR-13202?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13202:
---
Description:
Requesting any of the following URLs causes Solr to return an HTTP 500 error
response:
{noformat}
http://localhost:8983/solr/films/select?fq={!join%20from=b%20to=a}
http://localhost:8983/solr/films/select?fq={!join%20to=a}
http://localhost:8983/solr/films/select?fq={!join}
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.JoinQuery.hashCode(JoinQParserPlugin.java:578)
at org.apache.solr.search.QueryResultKey.(QueryResultKey.java:52)
at
org.apache.solr.search.SolrIndexSearcher.getDocListC(SolrIndexSearcher.java:1328)
at org.apache.solr.search.SolrIndexSearcher.search(SolrIndexSearcher.java:567)
at
org.apache.solr.handler.component.QueryComponent.doProcessUngroupedSearch(QueryComponent.java:1434)
at
org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:373)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
The problem seems to be related with method {{hasCode}} in the class
{{org.apache.solr.search.JoinQuery}}:
{code:java}
@Override
public int hashCode() {
int h = classHash();
h = h * 31 + fromField.hashCode();
h = h * 31 + toField.hashCode();
h = h * 31 + q.hashCode();
h = h * 31 + Objects.hashCode(fromIndex);
h = h * 31 + (int) fromCoreOpenTime;
return h;
}
{code}
The URLs provided above selectively leave uninitialized the fields
{{fromField}}, {{fromIndex}}, {{q}}, and {{toField}}, but all of these fields
are accessed by this method.
We found this issue and ~70 more like this using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
information on this [fuzz testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
was:
Requesting any of the following URLs causes Solr to return an HTTP 500 error
response:
{noformat}
http://localhost:8983/solr/films/select?fq=\{!join%20from=b%20to=a}
http://localhost:8983/solr/films/select?fq=\{!join%20to=a}
http://localhost:8983/solr/films/select?fq=\{!join}
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.JoinQuery.hashCode(JoinQParserPlugin.java:578)
at org.apache.solr.search.QueryResultKey.(QueryResultKey.java:52)
at
org.apache.solr.search.SolrIndexSearcher.getDocListC(SolrIndexSearcher.java:1328)
at org.apache.solr.search.SolrIndexSearcher.search(SolrIndexSearcher.java:567)
at
org.apache.solr.handler.component.QueryComponent.doProcessUngroupedSearch(QueryComponent.java:1434)
at
org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:373)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
The problem seems to be related with method {{hasCode}} in the class
{{org.apache.solr.search.JoinQuery}}:
{code:java}
@Override
public int hashCode() {
int h = classHash();
h = h * 31 + fromField.hashCode();
h = h * 31 + toField.hashCode();
h = h * 31 + q.hashCode();
h = h * 31 + Objects.hashCode(fromIndex);
h = h * 31 + (int) fromCoreOpenTime;
return h;
}
{code}
The URLs provided above selectively leave uninitialized the fields
{{fromField}}, {{fromIndex}}, {{q}}, and {{toField}}, but all of these fields
are accessed by this method.
We found this issue and ~70 more like this using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
information on this [fuzz testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
> Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
> --
>
> Key: SOLR-13202
> URL: https://issues.apache.org/jira/browse/SOLR-13202
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as
[jira] [Created] (SOLR-13209) NullPointerException from call in org.apache.solr.search.SolrIndexSearcher.getDocSet
Cesar Rodriguez created SOLR-13209:
--
Summary: NullPointerException from call in
org.apache.solr.search.SolrIndexSearcher.getDocSet
Key: SOLR-13209
URL: https://issues.apache.org/jira/browse/SOLR-13209
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: master (9.0)
Environment: h1. Steps to reproduce
* Use a Linux machine.
* Build commit {{ea2c8ba}} of Solr as described in the section below.
* Build the films collection as described below.
* Start the server using the command {{./bin/solr start -f -p 8983 -s
/tmp/home}}
* Request the URL given in the bug description.
h1. Compiling the server
{noformat}
git clone https://github.com/apache/lucene-solr
cd lucene-solr
git checkout ea2c8ba
ant compile
cd solr
ant server
{noformat}
h1. Building the collection and reproducing the bug
We followed [Exercise
2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
{noformat}
mkdir -p /tmp/home
echo '' > /tmp/home/solr.xml
{noformat}
In one terminal start a Solr instance in foreground:
{noformat}
./bin/solr start -f -p 8983 -s /tmp/home
{noformat}
In another terminal, create a collection of movies, with no shards and no
replication, and initialize it:
{noformat}
bin/solr create -c films
curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
{"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
http://localhost:8983/solr/films/schema
curl -X POST -H 'Content-type:application/json' --data-binary
'{"add-copy-field" : {"source":"*","dest":"_text_"}}'
http://localhost:8983/solr/films/schema
./bin/post -c films example/films/films.json
curl -v “URL_BUG”
{noformat}
Please check the issue description below to find the “URL_BUG” that will allow
you to reproduce the issue reported.
Reporter: Cesar Rodriguez
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?group=true
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at
java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936)
at
org.apache.solr.util.ConcurrentLRUCache.get(ConcurrentLRUCache.java:124)
at org.apache.solr.search.FastLRUCache.get(FastLRUCache.java:163)
at
org.apache.solr.search.SolrIndexSearcher.getDocSet(SolrIndexSearcher.java:792)
at
org.apache.solr.search.Grouping$CommandQuery.createFirstPassCollector(Grouping.java:860)
at org.apache.solr.search.Grouping.execute(Grouping.java:327)
at
org.apache.solr.handler.component.QueryComponent.doProcessGroupedSearch(QueryComponent.java:1408)
at
org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:365)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
Method {{org.apache.solr.search.SolrIndexSearcher.getDocSet()}}, at line 792
calls {{filterCache.get(absQ)}} where {{absQ}} is a null pointer. I think this
null pointer comes in fact from the caller, but I don't fully follow the logic
of the code.
To set up an environment to reproduce this bug, follow the description in the
‘Environment’ field.
We automatically found this issue and ~70 more like this using [Diffblue
Microservices Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find
more information on this [fuzz testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13187) NullPointerException at o.a.solr.search.QParser.getParser
[
https://issues.apache.org/jira/browse/SOLR-13187?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13187:
---
Labels: diffblue newdev (was: diffblue)
> NullPointerException at o.a.solr.search.QParser.getParser
> -
>
> Key: SOLR-13187
> URL: https://issues.apache.org/jira/browse/SOLR-13187
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue, newdev
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?fq={!a}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at org.apache.solr.search.QParser.getParser(QParser.java:367)
> at org.apache.solr.search.QParser.getParser(QParser.java:319)
> at org.apache.solr.search.QParser.getParser(QParser.java:309)
> at
> org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:203)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:711)
> at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:394)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
> [...]
> {noformat}
> The call to {{getQueryPlugin}} from
> {{org.apache.solr.search.QParser.getParser()}}, at line 366, can return a
> null pointer, as witnessed by the URL above. Method {{getParser}} should
> probably check for this.
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13183) NullPointerException at o.a.solr.servlet.SolrDispatchFilter.doFilter
[
https://issues.apache.org/jira/browse/SOLR-13183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13183:
---
Labels: diffblue newdev (was: diffblue)
> NullPointerException at o.a.solr.servlet.SolrDispatchFilter.doFilter
>
>
> Key: SOLR-13183
> URL: https://issues.apache.org/jira/browse/SOLR-13183
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue, newdev
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/schema/%25
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:403)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:540)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
> [...]
> {noformat}
> Function SolrDisplatchFilter.doFilter(), line 403 calls methods forward() on
> a null pointer. The problem happens because
> ServletRequestWrapper.getRequestDispatcher(), line 338 returns null. And that
> happens because
> org.eclipse.jetty.server.handler.ContextHandler.Context.getRequestDispatcher()
> returns a null pointer. This happens because
> org.eclipse.jetty.http.HttpURI.getDecodedPath() tries to decode the string
> {{/solr/films/schema/%}}, which is an invalid encoding.
> I don’t fully follow the logic of the code but it seems that the
> percent-encoding of the URL has first been decoded and then it’s being
> decoded again?
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13187) NullPointerException at o.a.solr.search.QParser.getParser
[
https://issues.apache.org/jira/browse/SOLR-13187?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13187:
---
Labels: diffblue (was: )
> NullPointerException at o.a.solr.search.QParser.getParser
> -
>
> Key: SOLR-13187
> URL: https://issues.apache.org/jira/browse/SOLR-13187
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?fq={!a}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at org.apache.solr.search.QParser.getParser(QParser.java:367)
> at org.apache.solr.search.QParser.getParser(QParser.java:319)
> at org.apache.solr.search.QParser.getParser(QParser.java:309)
> at
> org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:203)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:711)
> at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:394)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
> [...]
> {noformat}
> The call to {{getQueryPlugin}} from
> {{org.apache.solr.search.QParser.getParser()}}, at line 366, can return a
> null pointer, as witnessed by the URL above. Method {{getParser}} should
> probably check for this.
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13202) Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
[
https://issues.apache.org/jira/browse/SOLR-13202?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13202:
---
Description:
Requesting any of the following URLs causes Solr to return an HTTP 500 error
response:
{noformat}
http://localhost:8983/solr/films/select?fq=\{!join%20from=b%20to=a}
http://localhost:8983/solr/films/select?fq=\{!join%20to=a}
http://localhost:8983/solr/films/select?fq=\{!join}
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.JoinQuery.hashCode(JoinQParserPlugin.java:578)
at org.apache.solr.search.QueryResultKey.(QueryResultKey.java:52)
at
org.apache.solr.search.SolrIndexSearcher.getDocListC(SolrIndexSearcher.java:1328)
at org.apache.solr.search.SolrIndexSearcher.search(SolrIndexSearcher.java:567)
at
org.apache.solr.handler.component.QueryComponent.doProcessUngroupedSearch(QueryComponent.java:1434)
at
org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:373)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
The problem seems to be related with method {{hasCode}} in the class
{{org.apache.solr.search.JoinQuery}}:
{code:java}
@Override
public int hashCode() {
int h = classHash();
h = h * 31 + fromField.hashCode();
h = h * 31 + toField.hashCode();
h = h * 31 + q.hashCode();
h = h * 31 + Objects.hashCode(fromIndex);
h = h * 31 + (int) fromCoreOpenTime;
return h;
}
{code}
The URLs provided above selectively leave uninitialized the fields
{{fromField}}, {{fromIndex}}, {{q}}, and {{toField}}, but all of these fields
are accessed by this method.
We found this issue and ~70 more like this using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
information on this [fuzz testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
was:
Requesting any of the following URLs causes Solr to return an HTTP 500 error
response:
{noformat}
http://localhost:8983/solr/films/select?fq=\{!join%20from=b%20to=a}
http://localhost:8983/solr/films/select?fq=\{!join%20to=a}
http://localhost:8983/solr/films/select?fq=\{!join}
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.JoinQuery.hashCode(JoinQParserPlugin.java:578)
at org.apache.solr.search.QueryResultKey.(QueryResultKey.java:52)
at
org.apache.solr.search.SolrIndexSearcher.getDocListC(SolrIndexSearcher.java:1328)
at org.apache.solr.search.SolrIndexSearcher.search(SolrIndexSearcher.java:567)
at
org.apache.solr.handler.component.QueryComponent.doProcessUngroupedSearch(QueryComponent.java:1434)
at
org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:373)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
The problem seems to be with method {{hasCode}} in the class
{{org.apache.solr.search.JoinQuery}}:
{code:java}
@Override
public int hashCode() {
int h = classHash();
h = h * 31 + fromField.hashCode();
h = h * 31 + toField.hashCode();
h = h * 31 + q.hashCode();
h = h * 31 + Objects.hashCode(fromIndex);
h = h * 31 + (int) fromCoreOpenTime;
return h;
}
{code}
The URLs provided above selectively leave uninitialized the fields
{{fromField}}, {{fromIndex}}, {{q}}, and {{toField}}, but all of these fields
are accessed by this method.
We found this issue and ~70 more like this using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
information on this [fuzz testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
> Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
> --
>
> Key: SOLR-13202
> URL: https://issues.apache.org/jira/browse/SOLR-13202
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as
[jira] [Updated] (SOLR-13181) NullPointerException in org.apache.solr.request.macro.MacroExpander
[
https://issues.apache.org/jira/browse/SOLR-13181?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13181:
---
Labels: diffblue (was: )
> NullPointerException in org.apache.solr.request.macro.MacroExpander
> ---
>
> Key: SOLR-13181
> URL: https://issues.apache.org/jira/browse/SOLR-13181
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue
> Attachments:
> 0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch, home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?a=${${b}}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -4
> at java.lang.String.substring(String.java:1967)
> at
> org.apache.solr.request.macro.MacroExpander._expand(MacroExpander.java:150)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:101)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:65)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:51)
> at
> org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:159)
> at
> org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)
> [...]
> {noformat}
> Parameter [macro
> expansion|http://yonik.com/solr-query-parameter-substitution/] seems to take
> place in {{org.apache.solr.request.macro.MacroExpander._expand(String val)}}.
> From reading the code of the function it seems that macros are not expanded
> inside curly brackets {{${...}}}, and so the {{${b}}} inside
> {noformat}
> ${${b}}
> {noformat}
> should not be expanded. But the function seems to fail to detect this
> specific case and graciously refuse to expand it.
> A possible fix could be updating the {{idx}} variable when the {{StrParser}}
> detects that no valid identifier can be found inside the brackets. See
> attached file
> {{0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch}}.
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13183) NullPointerException at o.a.solr.servlet.SolrDispatchFilter.doFilter
[
https://issues.apache.org/jira/browse/SOLR-13183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13183:
---
Labels: diffblue (was: )
> NullPointerException at o.a.solr.servlet.SolrDispatchFilter.doFilter
>
>
> Key: SOLR-13183
> URL: https://issues.apache.org/jira/browse/SOLR-13183
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/schema/%25
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:403)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
> at
> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:540)
> at
> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
> at
> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
> [...]
> {noformat}
> Function SolrDisplatchFilter.doFilter(), line 403 calls methods forward() on
> a null pointer. The problem happens because
> ServletRequestWrapper.getRequestDispatcher(), line 338 returns null. And that
> happens because
> org.eclipse.jetty.server.handler.ContextHandler.Context.getRequestDispatcher()
> returns a null pointer. This happens because
> org.eclipse.jetty.http.HttpURI.getDecodedPath() tries to decode the string
> {{/solr/films/schema/%}}, which is an invalid encoding.
> I don’t fully follow the logic of the code but it seems that the
> percent-encoding of the URL has first been decoded and then it’s being
> decoded again?
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13196) NullPointerException in o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
[
https://issues.apache.org/jira/browse/SOLR-13196?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13196:
---
Labels: diffblue newdev (was: diffblue)
> NullPointerException in
> o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
> ---
>
> Key: SOLR-13196
> URL: https://issues.apache.org/jira/browse/SOLR-13196
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue, newdev
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at
> org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
> at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
> at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
> at
> org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
> at
> org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
> at
> org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
> [...]
> {noformat}
> Removing any parameter in the URL makes the NPE disappear, so all URL
> parameters seem to be involved.
> Method {{org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots()}},
> at line 316 retrieves the field {{sortAcc}}, which is null. This null pointer
> is subsequently used in a lambda expression, line 325 (and 320!). I guess the
> problem is that some input validation is missing?
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
> information on this [fuzz testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
--
This message
[jira] [Updated] (SOLR-13198) NullPointerException in org.apache.solr.search.QParser.getParser
[
https://issues.apache.org/jira/browse/SOLR-13198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13198:
---
Labels: diffblue newdev (was: diffblue)
> NullPointerException in org.apache.solr.search.QParser.getParser
>
>
> Key: SOLR-13198
> URL: https://issues.apache.org/jira/browse/SOLR-13198
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Major
> Labels: diffblue, newdev
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?defType=xxx
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at org.apache.solr.search.QParser.getParser(QParser.java:367)
> at org.apache.solr.search.QParser.getParser(QParser.java:319)
> at
> org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:157)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> [...]
> {noformat}
> The problem seems to be related to the input validation of parameter
> {{defType}}. Method {{org.apache.solr.search.QParser.getParser()}} retrieves
> a {{QParserPlugin}} at line 366, but the {{parserName}} is {{xxx}} and the
> returned plugin is {{null}}. Immediately after (line 367) this plugin is
> used, thus triggering the NPE. The {{null}} pointer should probably be
> checked before it's used.
> I think this is the example bug we described in the video attached to [this
> blog
> post|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
> We found this bug and 70 more like this using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Check the blog
> post to learn more about this fuzz testing campaign we are running.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13202) Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
[
https://issues.apache.org/jira/browse/SOLR-13202?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13202:
---
Labels: diffblue newdev (was: diffblue)
> Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
> --
>
> Key: SOLR-13202
> URL: https://issues.apache.org/jira/browse/SOLR-13202
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Major
> Labels: diffblue, newdev
> Attachments: home.zip
>
>
> Requesting any of the following URLs causes Solr to return an HTTP 500 error
> response:
> {noformat}
> http://localhost:8983/solr/films/select?fq=\{!join%20from=b%20to=a}
> http://localhost:8983/solr/films/select?fq=\{!join%20to=a}
> http://localhost:8983/solr/films/select?fq=\{!join}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at org.apache.solr.search.JoinQuery.hashCode(JoinQParserPlugin.java:578)
> at org.apache.solr.search.QueryResultKey.(QueryResultKey.java:52)
> at
> org.apache.solr.search.SolrIndexSearcher.getDocListC(SolrIndexSearcher.java:1328)
> at
> org.apache.solr.search.SolrIndexSearcher.search(SolrIndexSearcher.java:567)
> at
> org.apache.solr.handler.component.QueryComponent.doProcessUngroupedSearch(QueryComponent.java:1434)
> at
> org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:373)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> [...]
> {noformat}
> The problem seems to be with method {{hasCode}} in the class
> {{org.apache.solr.search.JoinQuery}}:
> {code:java}
> @Override
> public int hashCode() {
> int h = classHash();
> h = h * 31 + fromField.hashCode();
> h = h * 31 + toField.hashCode();
> h = h * 31 + q.hashCode();
> h = h * 31 + Objects.hashCode(fromIndex);
> h = h * 31 + (int) fromCoreOpenTime;
> return h;
> }
> {code}
> The URLs provided above selectively leave uninitialized the fields
> {{fromField}}, {{fromIndex}}, {{q}}, and {{toField}}, but all of these fields
> are accessed by this method.
>
> We found this issue and ~70 more like this using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
> information on this [fuzz testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13181) NullPointerException in org.apache.solr.request.macro.MacroExpander
[
https://issues.apache.org/jira/browse/SOLR-13181?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13181:
---
Labels: diffblue newdev (was: diffblue)
> NullPointerException in org.apache.solr.request.macro.MacroExpander
> ---
>
> Key: SOLR-13181
> URL: https://issues.apache.org/jira/browse/SOLR-13181
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue, newdev
> Attachments:
> 0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch, home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?a=${${b}}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -4
> at java.lang.String.substring(String.java:1967)
> at
> org.apache.solr.request.macro.MacroExpander._expand(MacroExpander.java:150)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:101)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:65)
> at
> org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:51)
> at
> org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:159)
> at
> org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)
> [...]
> {noformat}
> Parameter [macro
> expansion|http://yonik.com/solr-query-parameter-substitution/] seems to take
> place in {{org.apache.solr.request.macro.MacroExpander._expand(String val)}}.
> From reading the code of the function it seems that macros are not expanded
> inside curly brackets {{${...}}}, and so the {{${b}}} inside
> {noformat}
> ${${b}}
> {noformat}
> should not be expanded. But the function seems to fail to detect this
> specific case and graciously refuse to expand it.
> A possible fix could be updating the {{idx}} variable when the {{StrParser}}
> detects that no valid identifier can be found inside the brackets. See
> attached file
> {{0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch}}.
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
> testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13198) NullPointerException in org.apache.solr.search.QParser.getParser
[
https://issues.apache.org/jira/browse/SOLR-13198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13198:
---
Labels: diffblue (was: )
> NullPointerException in org.apache.solr.search.QParser.getParser
>
>
> Key: SOLR-13198
> URL: https://issues.apache.org/jira/browse/SOLR-13198
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Major
> Labels: diffblue
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?defType=xxx
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at org.apache.solr.search.QParser.getParser(QParser.java:367)
> at org.apache.solr.search.QParser.getParser(QParser.java:319)
> at
> org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:157)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> [...]
> {noformat}
> The problem seems to be related to the input validation of parameter
> {{defType}}. Method {{org.apache.solr.search.QParser.getParser()}} retrieves
> a {{QParserPlugin}} at line 366, but the {{parserName}} is {{xxx}} and the
> returned plugin is {{null}}. Immediately after (line 367) this plugin is
> used, thus triggering the NPE. The {{null}} pointer should probably be
> checked before it's used.
> I think this is the example bug we described in the video attached to [this
> blog
> post|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
> We found this bug and 70 more like this using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Check the blog
> post to learn more about this fuzz testing campaign we are running.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13196) NullPointerException in o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
[
https://issues.apache.org/jira/browse/SOLR-13196?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13196:
---
Labels: diffblue (was: )
> NullPointerException in
> o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
> ---
>
> Key: SOLR-13196
> URL: https://issues.apache.org/jira/browse/SOLR-13196
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Labels: diffblue
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at
> org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
> at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
> at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
> at
> org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
> at
> org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
> at
> org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
> [...]
> {noformat}
> Removing any parameter in the URL makes the NPE disappear, so all URL
> parameters seem to be involved.
> Method {{org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots()}},
> at line 316 retrieves the field {{sortAcc}}, which is null. This null pointer
> is subsequently used in a lambda expression, line 325 (and 320!). I guess the
> problem is that some input validation is missing?
> We found this bug using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
> information on this [fuzz testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
--
This message was sent by Atlassian
[jira] [Updated] (SOLR-13202) Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
[
https://issues.apache.org/jira/browse/SOLR-13202?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13202:
---
Labels: diffblue (was: )
> Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
> --
>
> Key: SOLR-13202
> URL: https://issues.apache.org/jira/browse/SOLR-13202
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Major
> Labels: diffblue
> Attachments: home.zip
>
>
> Requesting any of the following URLs causes Solr to return an HTTP 500 error
> response:
> {noformat}
> http://localhost:8983/solr/films/select?fq=\{!join%20from=b%20to=a}
> http://localhost:8983/solr/films/select?fq=\{!join%20to=a}
> http://localhost:8983/solr/films/select?fq=\{!join}
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at org.apache.solr.search.JoinQuery.hashCode(JoinQParserPlugin.java:578)
> at org.apache.solr.search.QueryResultKey.(QueryResultKey.java:52)
> at
> org.apache.solr.search.SolrIndexSearcher.getDocListC(SolrIndexSearcher.java:1328)
> at
> org.apache.solr.search.SolrIndexSearcher.search(SolrIndexSearcher.java:567)
> at
> org.apache.solr.handler.component.QueryComponent.doProcessUngroupedSearch(QueryComponent.java:1434)
> at
> org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:373)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> [...]
> {noformat}
> The problem seems to be with method {{hasCode}} in the class
> {{org.apache.solr.search.JoinQuery}}:
> {code:java}
> @Override
> public int hashCode() {
> int h = classHash();
> h = h * 31 + fromField.hashCode();
> h = h * 31 + toField.hashCode();
> h = h * 31 + q.hashCode();
> h = h * 31 + Objects.hashCode(fromIndex);
> h = h * 31 + (int) fromCoreOpenTime;
> return h;
> }
> {code}
> The URLs provided above selectively leave uninitialized the fields
> {{fromField}}, {{fromIndex}}, {{q}}, and {{toField}}, but all of these fields
> are accessed by this method.
>
> We found this issue and ~70 more like this using [Diffblue Microservices
> Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
> information on this [fuzz testing
> campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Created] (SOLR-13202) Three NullPointerExceptions in org.apache.solr.search.JoinQuery.hashCode()
Cesar Rodriguez created SOLR-13202:
--
Summary: Three NullPointerExceptions in
org.apache.solr.search.JoinQuery.hashCode()
Key: SOLR-13202
URL: https://issues.apache.org/jira/browse/SOLR-13202
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: master (9.0)
Environment: h1. Steps to reproduce
* Use a Linux machine.
* Build commit {{ea2c8ba}} of Solr as described in the section below.
* Build the films collection as described below.
* Start the server using the command {{./bin/solr start -f -p 8983 -s
/tmp/home}}
* Request the URL given in the bug description.
h1. Compiling the server
{noformat}
git clone https://github.com/apache/lucene-solr
cd lucene-solr
git checkout ea2c8ba
ant compile
cd solr
ant server
{noformat}
h1. Building the collection
We followed [Exercise
2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
The attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}}
that you will obtain by following the steps below:
{noformat}
mkdir -p /tmp/home
echo '' > /tmp/home/solr.xml
{noformat}
In one terminal start a Solr instance in foreground:
{noformat}
./bin/solr start -f -p 8983 -s /tmp/home
{noformat}
In another terminal, create a collection of movies, with no shards and no
replication, and initialize it:
{noformat}
bin/solr create -c films
curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
{"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
http://localhost:8983/solr/films/schema
curl -X POST -H 'Content-type:application/json' --data-binary
'{"add-copy-field" : {"source":"*","dest":"_text_"}}'
http://localhost:8983/solr/films/schema
./bin/post -c films example/films/films.json
{noformat}
Reporter: Cesar Rodriguez
Attachments: home.zip
Requesting any of the following URLs causes Solr to return an HTTP 500 error
response:
{noformat}
http://localhost:8983/solr/films/select?fq=\{!join%20from=b%20to=a}
http://localhost:8983/solr/films/select?fq=\{!join%20to=a}
http://localhost:8983/solr/films/select?fq=\{!join}
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.JoinQuery.hashCode(JoinQParserPlugin.java:578)
at org.apache.solr.search.QueryResultKey.(QueryResultKey.java:52)
at
org.apache.solr.search.SolrIndexSearcher.getDocListC(SolrIndexSearcher.java:1328)
at org.apache.solr.search.SolrIndexSearcher.search(SolrIndexSearcher.java:567)
at
org.apache.solr.handler.component.QueryComponent.doProcessUngroupedSearch(QueryComponent.java:1434)
at
org.apache.solr.handler.component.QueryComponent.process(QueryComponent.java:373)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
The problem seems to be with method {{hasCode}} in the class
{{org.apache.solr.search.JoinQuery}}:
{code:java}
@Override
public int hashCode() {
int h = classHash();
h = h * 31 + fromField.hashCode();
h = h * 31 + toField.hashCode();
h = h * 31 + q.hashCode();
h = h * 31 + Objects.hashCode(fromIndex);
h = h * 31 + (int) fromCoreOpenTime;
return h;
}
{code}
The URLs provided above selectively leave uninitialized the fields
{{fromField}}, {{fromIndex}}, {{q}}, and {{toField}}, but all of these fields
are accessed by this method.
We found this issue and ~70 more like this using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
information on this [fuzz testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-13198) NullPointerException in org.apache.solr.search.QParser.getParser
[
https://issues.apache.org/jira/browse/SOLR-13198?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated SOLR-13198:
---
Description:
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?defType=xxx
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.QParser.getParser(QParser.java:367)
at org.apache.solr.search.QParser.getParser(QParser.java:319)
at
org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:157)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
The problem seems to be related to the input validation of parameter
{{defType}}. Method {{org.apache.solr.search.QParser.getParser()}} retrieves a
{{QParserPlugin}} at line 366, but the {{parserName}} is {{xxx}} and the
returned plugin is {{null}}. Immediately after (line 367) this plugin is used,
thus triggering the NPE. The {{null}} pointer should probably be checked before
it's used.
I think this is the example bug we described in the video attached to [this
blog
post|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
We found this bug and 70 more like this using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Check the blog post
to learn more about this fuzz testing campaign we are running.
was:
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?defType=xxx
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.QParser.getParser(QParser.java:367)
at org.apache.solr.search.QParser.getParser(QParser.java:319)
at
org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:157)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
The problem seems to be related to the input validation of parameter
{{defType}}. Method {{org.apache.solr.search.QParser.getParser()}} retrieves a
{{QParserPlugin}} at line 366, but the {{parserName}} is {{xxx}} and the
returned plugin is {{null}}. Immediately after (line 367) this plugin is used,
thus triggering the NPE. The {{null}} pointer should probably be checked before
it's used.
I think this is the example bug we described in the video attached [this blog
post|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
We found this bug using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Check the blog post
to learn more about this fuzz testing campaign we are running.
> NullPointerException in org.apache.solr.search.QParser.getParser
>
>
> Key: SOLR-13198
> URL: https://issues.apache.org/jira/browse/SOLR-13198
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with
[jira] [Created] (SOLR-13198) NullPointerException in org.apache.solr.search.QParser.getParser
Cesar Rodriguez created SOLR-13198:
--
Summary: NullPointerException in
org.apache.solr.search.QParser.getParser
Key: SOLR-13198
URL: https://issues.apache.org/jira/browse/SOLR-13198
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: master (9.0)
Environment: h1. Steps to reproduce
* Use a Linux machine.
* Build commit {{ea2c8ba}} of Solr as described in the section below.
* Build the films collection as described below.
* Start the server using the command {{./bin/solr start -f -p 8983 -s
/tmp/home}}
* Request the URL given in the bug description.
h1. Compiling the server
{noformat}
git clone https://github.com/apache/lucene-solr
cd lucene-solr
git checkout ea2c8ba
ant compile
cd solr
ant server
{noformat}
h1. Building the collection
We followed [Exercise
2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
The attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}}
that you will obtain by following the steps below:
{noformat}
mkdir -p /tmp/home
echo '' > /tmp/home/solr.xml
{noformat}
In one terminal start a Solr instance in foreground:
{noformat}
./bin/solr start -f -p 8983 -s /tmp/home
{noformat}
In another terminal, create a collection of movies, with no shards and no
replication, and initialize it:
{noformat}
bin/solr create -c films
curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
{"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
http://localhost:8983/solr/films/schema
curl -X POST -H 'Content-type:application/json' --data-binary
'{"add-copy-field" : {"source":"*","dest":"_text_"}}'
http://localhost:8983/solr/films/schema
./bin/post -c films example/films/films.json
{noformat}
Reporter: Cesar Rodriguez
Attachments: home.zip
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?defType=xxx
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.QParser.getParser(QParser.java:367)
at org.apache.solr.search.QParser.getParser(QParser.java:319)
at
org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:157)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
[...]
{noformat}
The problem seems to be related to the input validation of parameter
{{defType}}. Method {{org.apache.solr.search.QParser.getParser()}} retrieves a
{{QParserPlugin}} at line 366, but the {{parserName}} is {{xxx}} and the
returned plugin is {{null}}. Immediately after (line 367) this plugin is used,
thus triggering the NPE. The {{null}} pointer should probably be checked before
it's used.
I think this is the example bug we described in the video attached [this blog
post|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
We found this bug using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Check the blog post
to learn more about this fuzz testing campaign we are running.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Closed] (LUCENE-8672) NullPointerException in o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
[
https://issues.apache.org/jira/browse/LUCENE-8672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez closed LUCENE-8672.
---
Moving this ticket to Solr
> NullPointerException in
> o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
>
>
> Key: LUCENE-8672
> URL: https://issues.apache.org/jira/browse/LUCENE-8672
> Project: Lucene - Core
> Issue Type: Bug
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at
> org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
> at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
> at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
> at
> org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
> at
> org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
> at
> org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:711)
> at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:394)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
> [...]
> {noformat}
> Removing any parameter in the URL makes the NPE disappear, so all URL
> parameters seem to be involved.
> Method {{org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots()}},
> at line 316 retrieves the field \{{sortAcc}},
[jira] [Created] (SOLR-13196) NullPointerException in o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
Cesar Rodriguez created SOLR-13196:
--
Summary: NullPointerException in
o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
Key: SOLR-13196
URL: https://issues.apache.org/jira/browse/SOLR-13196
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: master (9.0)
Environment: h1. Steps to reproduce
* Use a Linux machine.
* Build commit {{ea2c8ba}} of Solr as described in the section below.
* Build the films collection as described below.
* Start the server using the command {{./bin/solr start -f -p 8983 -s
/tmp/home}}
* Request the URL given in the bug description.
h1. Compiling the server
{noformat}
git clone https://github.com/apache/lucene-solr
cd lucene-solr
git checkout ea2c8ba
ant compile
cd solr
ant server
{noformat}
h1. Building the collection
We followed [Exercise
2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
The attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}}
that you will obtain by following the steps below:
{noformat}
mkdir -p /tmp/home
echo '' > /tmp/home/solr.xml
{noformat}
In one terminal start a Solr instance in foreground:
{noformat}
./bin/solr start -f -p 8983 -s /tmp/home
{noformat}
In another terminal, create a collection of movies, with no shards and no
replication, and initialize it:
{noformat}
bin/solr create -c films
curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
{"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
http://localhost:8983/solr/films/schema
curl -X POST -H 'Content-type:application/json' --data-binary
'{"add-copy-field" : {"source":"*","dest":"_text_"}}'
http://localhost:8983/solr/films/schema
./bin/post -c films example/films/films.json
{noformat}
Reporter: Cesar Rodriguez
Attachments: home.zip
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at
org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
at
org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
at
org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
at
org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
at
org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
at
org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
at
org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
at
org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
at
org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
at
org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
at
org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
at
org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
[...]
{noformat}
Removing any parameter in the URL makes the NPE disappear, so all URL
parameters seem to be involved.
Method {{org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots()}}, at
line 316 retrieves the field {{sortAcc}}, which is null. This null pointer is
subsequently used in a lambda expression, line 325 (and 320!). I guess the
problem is that some input validation is missing?
We found this bug using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
information on this [fuzz testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Resolved] (LUCENE-8672) NullPointerException in o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
[
https://issues.apache.org/jira/browse/LUCENE-8672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez resolved LUCENE-8672.
-
Resolution: Invalid
Sorry, I should have reported this in Solr, not in Lucene. Moving it there.
> NullPointerException in
> o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
>
>
> Key: LUCENE-8672
> URL: https://issues.apache.org/jira/browse/LUCENE-8672
> Project: Lucene - Core
> Issue Type: Bug
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at
> org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
> at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
> at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
> at
> org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
> at
> org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
> at
> org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:711)
> at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:394)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
> [...]
> {noformat}
> Removing any parameter in the URL makes the NPE disappear, so all URL
> parameters seem to be involved.
> Method
[jira] [Updated] (LUCENE-8672) NullPointerException in o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
[
https://issues.apache.org/jira/browse/LUCENE-8672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated LUCENE-8672:
Description:
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at
org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
at
org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
at
org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
at
org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
at
org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
at
org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
at
org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
at
org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
at
org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
at
org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
at
org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
at
org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:711)
at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:394)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
[...]
{noformat}
Removing any parameter in the URL makes the NPE disappear, so all URL
parameters seem to be involved.
Method {{org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots()}}, at
line 316 retrieves the field \{{sortAcc}}, which is null. This null pointer is
subsequently used in a lambda expression, line 325 (and 320!). I guess the
problem is that some input validation is missing?
We found this bug using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
information on this [fuzz testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
was:
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at
org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
at
org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
at
org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
at
org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
at
org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
at
org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
at
org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
at
org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
at
org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
at
org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
at
org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
at
org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
[jira] [Created] (LUCENE-8672) NullPointerException in o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
Cesar Rodriguez created LUCENE-8672:
---
Summary: NullPointerException in
o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
Key: LUCENE-8672
URL: https://issues.apache.org/jira/browse/LUCENE-8672
Project: Lucene - Core
Issue Type: Bug
Affects Versions: master (9.0)
Environment: h1. Steps to reproduce
* Use a Linux machine.
* Build commit {{ea2c8ba}} of Solr as described in the section below.
* Build the films collection as described below.
* Start the server using the command {{./bin/solr start -f -p 8983 -s
/tmp/home}}
* Request the URL given in the bug description.
h1. Compiling the server
{noformat}
git clone https://github.com/apache/lucene-solr
cd lucene-solr
git checkout ea2c8ba
ant compile
cd solr
ant server
{noformat}
h1. Building the collection
We followed [Exercise
2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
The attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}}
that you will obtain by following the steps below:
{noformat}
mkdir -p /tmp/home
echo '' > /tmp/home/solr.xml
{noformat}
In one terminal start a Solr instance in foreground:
{noformat}
./bin/solr start -f -p 8983 -s /tmp/home
{noformat}
In another terminal, create a collection of movies, with no shards and no
replication, and initialize it:
{noformat}
bin/solr create -c films
curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
{"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
http://localhost:8983/solr/films/schema
curl -X POST -H 'Content-type:application/json' --data-binary
'{"add-copy-field" : {"source":"*","dest":"_text_"}}'
http://localhost:8983/solr/films/schema
./bin/post -c films example/films/films.json
{noformat}
Reporter: Cesar Rodriguez
Attachments: home.zip
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at
org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
at
org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
at
org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
at
org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
at
org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
at
org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
at
org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
at
org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
at
org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
at
org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
at
org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
at
org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:711)
at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:394)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
[...]
{noformat}
Removing any parameter in the URL makes the NPE disappear, so all URL
parameters seem to be involved.
Method org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(), at line
316 retrieves the field {{sortAcc}, which is null. This null pointer is
subsequently used in a lambda expression, line 325 (and 320!). I guess the
problem is that some input validation is missing?
We found this bug using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more
information on this [fuzz testing
[jira] [Updated] (LUCENE-8672) NullPointerException in o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
[
https://issues.apache.org/jira/browse/LUCENE-8672?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cesar Rodriguez updated LUCENE-8672:
Attachment: home.zip
> NullPointerException in
> o.a.solr.search.facet.FacetFieldProcessor.findTopSlots()
>
>
> Key: LUCENE-8672
> URL: https://issues.apache.org/jira/browse/LUCENE-8672
> Project: Lucene - Core
> Issue Type: Bug
>Affects Versions: master (9.0)
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s
> /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection
> We followed [Exercise
> 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
> the [Solr
> Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html]. The
> attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}} that
> you will obtain by following the steps below:
> {noformat}
> mkdir -p /tmp/home
> echo '' >
> /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no
> replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
> {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
> http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary
> '{"add-copy-field" : {"source":"*","dest":"_text_"}}'
> http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> {noformat}
>Reporter: Cesar Rodriguez
>Priority: Minor
> Attachments: home.zip
>
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?facet.sort=asc=on=2=x=2=genre
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.NullPointerException
> at
> org.apache.solr.search.facet.FacetFieldProcessor.lambda$findTopSlots$1(FacetFieldProcessor.java:325)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:331)
> at
> org.apache.solr.search.facet.FacetFieldProcessor$1.lessThan(FacetFieldProcessor.java:329)
> at org.apache.lucene.util.PriorityQueue.upHeap(PriorityQueue.java:254)
> at org.apache.lucene.util.PriorityQueue.add(PriorityQueue.java:131)
> at
> org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(FacetFieldProcessor.java:363)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.calcFacets(FacetFieldProcessorByArray.java:114)
> at
> org.apache.solr.search.facet.FacetFieldProcessorByArray.process(FacetFieldProcessorByArray.java:62)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetProcessor.processSubs(FacetProcessor.java:472)
> at
> org.apache.solr.search.facet.FacetProcessor.fillBucket(FacetProcessor.java:429)
> at
> org.apache.solr.search.facet.FacetQueryProcessor.process(FacetQuery.java:64)
> at
> org.apache.solr.search.facet.FacetRequest.process(FacetRequest.java:401)
> at
> org.apache.solr.search.facet.FacetModule.process(FacetModule.java:139)
> at
> org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:298)
> at
> org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:711)
> at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:394)
> at
> org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
> at
> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
> [...]
> {noformat}
> Removing any parameter in the URL makes the NPE disappear, so all URL
> parameters seem to be involved.
> Method org.apache.solr.search.facet.FacetFieldProcessor.findTopSlots(), at
> line 316 retrieves the field {{sortAcc}, which is
[jira] [Created] (SOLR-13187) NullPointerException at o.a.solr.search.QParser.getParser
Cesar Rodriguez created SOLR-13187:
--
Summary: NullPointerException at o.a.solr.search.QParser.getParser
Key: SOLR-13187
URL: https://issues.apache.org/jira/browse/SOLR-13187
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: master (9.0)
Environment: h1. Steps to reproduce
* Use a Linux machine.
* Build commit {{ea2c8ba}} of Solr as described in the section below.
* Build the films collection as described below.
* Start the server using the command {{./bin/solr start -f -p 8983 -s
/tmp/home}}
* Request the URL given in the bug description.
h1. Compiling the server
{noformat}
git clone https://github.com/apache/lucene-solr
cd lucene-solr
git checkout ea2c8ba
ant compile
cd solr
ant server
{noformat}
h1. Building the collection
We followed [Exercise
2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
The attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}}
that you will obtain by following the steps below:
{noformat}
mkdir -p /tmp/home
echo '' > /tmp/home/solr.xml
{noformat}
In one terminal start a Solr instance in foreground:
{noformat}
./bin/solr start -f -p 8983 -s /tmp/home
{noformat}
In another terminal, create a collection of movies, with no shards and no
replication, and initialize it:
{noformat}
bin/solr create -c films
curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
{"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
http://localhost:8983/solr/films/schema
curl -X POST -H 'Content-type:application/json' --data-binary
'{"add-copy-field" : {"source":"*","dest":"_text_"}}'
http://localhost:8983/solr/films/schema
./bin/post -c films example/films/films.json
{noformat}
Reporter: Cesar Rodriguez
Attachments: home.zip
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?fq={!a}
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at org.apache.solr.search.QParser.getParser(QParser.java:367)
at org.apache.solr.search.QParser.getParser(QParser.java:319)
at org.apache.solr.search.QParser.getParser(QParser.java:309)
at
org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:203)
at
org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
at org.apache.solr.servlet.HttpSolrCall.execute(HttpSolrCall.java:711)
at org.apache.solr.servlet.HttpSolrCall.call(HttpSolrCall.java:516)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:394)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
[...]
{noformat}
The call to {{getQueryPlugin}} from
{{org.apache.solr.search.QParser.getParser()}}, at line 366, can return a null
pointer, as witnessed by the URL above. Method {{getParser}} should probably
check for this.
We found this bug using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Created] (SOLR-13183) NullPointerException at o.a.solr.servlet.SolrDispatchFilter.doFilter
Cesar Rodriguez created SOLR-13183:
--
Summary: NullPointerException at
o.a.solr.servlet.SolrDispatchFilter.doFilter
Key: SOLR-13183
URL: https://issues.apache.org/jira/browse/SOLR-13183
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: master (9.0)
Environment: h1. Steps to reproduce
* Use a Linux machine.
* Build commit {{ea2c8ba}} of Solr as described in the section below.
* Build the films collection as described below.
* Start the server using the command {{./bin/solr start -f -p 8983 -s
/tmp/home}}
* Request the URL given in the bug description.
h1. Compiling the server
{noformat}
git clone https://github.com/apache/lucene-solr
cd lucene-solr
git checkout ea2c8ba
ant compile
cd solr
ant server
{noformat}
h1. Building the collection
We followed [Exercise
2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
The attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}}
that you will obtain by following the steps below:
{noformat}
mkdir -p /tmp/home
echo '' > /tmp/home/solr.xml
{noformat}
In one terminal start a Solr instance in foreground:
{noformat}
./bin/solr start -f -p 8983 -s /tmp/home
{noformat}
In another terminal, create a collection of movies, with no shards and no
replication, and initialize it:
{noformat}
bin/solr create -c films
curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
{"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
http://localhost:8983/solr/films/schema
curl -X POST -H 'Content-type:application/json' --data-binary
'{"add-copy-field" : {"source":"*","dest":"_text_"}}'
http://localhost:8983/solr/films/schema
./bin/post -c films example/films/films.json
{noformat}
Reporter: Cesar Rodriguez
Attachments: home.zip
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/schema/%25
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.NullPointerException
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:403)
at
org.apache.solr.servlet.SolrDispatchFilter.doFilter(SolrDispatchFilter.java:340)
at
org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1602)
at
org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:540)
at
org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146)
at
org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548)
[...]
{noformat}
Function SolrDisplatchFilter.doFilter(), line 403 calls methods forward() on a
null pointer. The problem happens because
ServletRequestWrapper.getRequestDispatcher(), line 338 returns null. And that
happens because
org.eclipse.jetty.server.handler.ContextHandler.Context.getRequestDispatcher()
returns a null pointer. This happens because
org.eclipse.jetty.http.HttpURI.getDecodedPath() tries to decode the string
{{/solr/films/schema/%}}, which is an invalid encoding.
I don’t fully follow the logic of the code but it seems that the
percent-encoding of the URL has first been decoded and then it’s being decoded
again?
We found this bug using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Created] (SOLR-13181) NullPointerException in org.apache.solr.request.macro.MacroExpander
Cesar Rodriguez created SOLR-13181:
--
Summary: NullPointerException in
org.apache.solr.request.macro.MacroExpander
Key: SOLR-13181
URL: https://issues.apache.org/jira/browse/SOLR-13181
Project: Solr
Issue Type: Bug
Security Level: Public (Default Security Level. Issues are Public)
Affects Versions: master (9.0)
Environment: h1. Steps to reproduce
* Use a Linux machine.
* Build commit {{ea2c8ba}} of Solr as described in the section below.
* Build the films collection as described below.
* Start the server using the command {{./bin/solr start -f -p 8983 -s
/tmp/home}}
* Request the URL given in the bug description.
h1. Compiling the server
{noformat}
git clone https://github.com/apache/lucene-solr
cd lucene-solr
git checkout ea2c8ba
ant compile
cd solr
ant server
{noformat}
h1. Building the collection
We followed [Exercise
2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from
the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
The attached file ({{home.zip}}) gives the contents of folder {{/tmp/home}}
that you will obtain by following the steps below:
{noformat}
mkdir -p /tmp/home
echo '' > /tmp/home/solr.xml
{noformat}
In one terminal start a Solr instance in foreground:
{noformat}
./bin/solr start -f -p 8983 -s /tmp/home
{noformat}
In another terminal, create a collection of movies, with no shards and no
replication, and initialize it:
{noformat}
bin/solr create -c films
curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field":
{"name":"name", "type":"text_general", "multiValued":false, "stored":true}}'
http://localhost:8983/solr/films/schema
curl -X POST -H 'Content-type:application/json' --data-binary
'{"add-copy-field" : {"source":"*","dest":"_text_"}}'
http://localhost:8983/solr/films/schema
./bin/post -c films example/films/films.json
{noformat}
Reporter: Cesar Rodriguez
Attachments:
0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch, home.zip
Requesting the following URL causes Solr to return an HTTP 500 error response:
{noformat}
http://localhost:8983/solr/films/select?a=${${b}}
{noformat}
The error response seems to be caused by the following uncaught exception:
{noformat}
java.lang.StringIndexOutOfBoundsException: String index out of range: -4
at java.lang.String.substring(String.java:1967)
at
org.apache.solr.request.macro.MacroExpander._expand(MacroExpander.java:150)
at
org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:101)
at
org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:65)
at
org.apache.solr.request.macro.MacroExpander.expand(MacroExpander.java:51)
at
org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:159)
at
org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)
at
org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)
[...]
{noformat}
Parameter [macro expansion|http://yonik.com/solr-query-parameter-substitution/]
seems to take place in
{{org.apache.solr.request.macro.MacroExpander._expand(String val)}}. From
reading the code of the function it seems that macros are not expanded inside
curly brackets {{${...}}}, and so the {{${b}}} inside
{noformat}
${${b}}
{noformat}
should not be expanded. But the function seems to fail to detect this specific
case and graciously refuse to expand it.
A possible fix could be updating the {{idx}} variable when the {{StrParser}}
detects that no valid identifier can be found inside the brackets. See attached
file {{0001-Macro-expander-fail-gracefully-on-unsupported-syntax.patch}}.
We found this bug using [Diffblue Microservices
Testing|https://www.diffblue.com/labs/]. Find more information on this [fuzz
testing
campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org
For additional commands, e-mail: dev-h...@lucene.apache.org
