[jira] [Updated] (SOLR-13121) UnifiedHighlighter should treat negative values as Integer.MAX_VALUE in hl.maxAnalyzedChars.
[ https://issues.apache.org/jira/browse/SOLR-13121?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Yasufumi Mizoguchi updated SOLR-13121: -- Attachment: SOLR-13121.patch > UnifiedHighlighter should treat negative values as Integer.MAX_VALUE in > hl.maxAnalyzedChars. > > > Key: SOLR-13121 > URL: https://issues.apache.org/jira/browse/SOLR-13121 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: highlighter >Affects Versions: 7.6 >Reporter: Yasufumi Mizoguchi >Priority: Trivial > Attachments: SOLR-13121.patch > > > OriginalHighlighter and FastVectorHighlighter treat negative values as > Integer.MAX_VALUE in hl.masAnalyzedChars, but UnifiedHighlighter returns an > error when setting negative values as the parameter. > > Here is the procedure for reproducing. > > {noformat} > $ bin/solr -e techproducts > $ curl -XGET > "localhost:8983/solr/techproducts/select?hl.fl=name=-1=original=on=memory=name" > $ curl -XGET > "localhost:8983/solr/techproducts/select?hl.fl=name=-1=fastVector=on=memory=name" > $ curl -XGET > "localhost:8983/solr/techproducts/select?hl.fl=name=-1=unified=on=memory=name" > {noformat} > -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-13121) UnifiedHighlighter should treat negative values as Integer.MAX_VALUE in hl.maxAnalyzedChars.
[ https://issues.apache.org/jira/browse/SOLR-13121?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16735519#comment-16735519 ] Yasufumi Mizoguchi commented on SOLR-13121: --- Attach simple patch and tests. > UnifiedHighlighter should treat negative values as Integer.MAX_VALUE in > hl.maxAnalyzedChars. > > > Key: SOLR-13121 > URL: https://issues.apache.org/jira/browse/SOLR-13121 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: highlighter >Affects Versions: 7.6 >Reporter: Yasufumi Mizoguchi >Priority: Trivial > Attachments: SOLR-13121.patch > > > OriginalHighlighter and FastVectorHighlighter treat negative values as > Integer.MAX_VALUE in hl.masAnalyzedChars, but UnifiedHighlighter returns an > error when setting negative values as the parameter. > > Here is the procedure for reproducing. > > {noformat} > $ bin/solr -e techproducts > $ curl -XGET > "localhost:8983/solr/techproducts/select?hl.fl=name=-1=original=on=memory=name" > $ curl -XGET > "localhost:8983/solr/techproducts/select?hl.fl=name=-1=fastVector=on=memory=name" > $ curl -XGET > "localhost:8983/solr/techproducts/select?hl.fl=name=-1=unified=on=memory=name" > {noformat} > -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Created] (SOLR-13121) UnifiedHighlighter should treat negative values as Integer.MAX_VALUE in hl.maxAnalyzedChars.
Yasufumi Mizoguchi created SOLR-13121: - Summary: UnifiedHighlighter should treat negative values as Integer.MAX_VALUE in hl.maxAnalyzedChars. Key: SOLR-13121 URL: https://issues.apache.org/jira/browse/SOLR-13121 Project: Solr Issue Type: Improvement Security Level: Public (Default Security Level. Issues are Public) Components: highlighter Affects Versions: 7.6 Reporter: Yasufumi Mizoguchi OriginalHighlighter and FastVectorHighlighter treat negative values as Integer.MAX_VALUE in hl.masAnalyzedChars, but UnifiedHighlighter returns an error when setting negative values as the parameter. Here is the procedure for reproducing. {noformat} $ bin/solr -e techproducts $ curl -XGET "localhost:8983/solr/techproducts/select?hl.fl=name=-1=original=on=memory=name" $ curl -XGET "localhost:8983/solr/techproducts/select?hl.fl=name=-1=fastVector=on=memory=name" $ curl -XGET "localhost:8983/solr/techproducts/select?hl.fl=name=-1=unified=on=memory=name" {noformat} -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Updated] (SOLR-11334) UnifiedSolrHighlighter returns an error when hl.fl delimited by ", "
[ https://issues.apache.org/jira/browse/SOLR-11334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Yasufumi Mizoguchi updated SOLR-11334: -- Attachment: SOLR-11334.patch Attaching patch with fix and test. This patch might affect other highlighter. But this passed all tests in org.apache.solr.highlight. > UnifiedSolrHighlighter returns an error when hl.fl delimited by ", " > > > Key: SOLR-11334 > URL: https://issues.apache.org/jira/browse/SOLR-11334 > Project: Solr > Issue Type: Bug > Security Level: Public(Default Security Level. Issues are Public) > Components: highlighter >Affects Versions: 6.6 > Environment: Ubuntu 17.04 (GNU/Linux 4.10.0-33-generic x86_64) > Java HotSpot 64-Bit Server VM(build 25.114-b01, mixed mode) >Reporter: Yasufumi Mizoguchi >Priority: Trivial > Attachments: SOLR-11334.patch > > > UnifiedSolrHighlighter(hl.method=unified) misjudge the zero-length string as > a field name and returns an error when hl.fl delimited by ", " > request: > {code} > $ curl -XGET > "http://localhost:8983/solr/techproducts/select?fl=name,%20manu=name,%20manu=unified=on=on=corsair=json; > {code} > response: > {code} > { > "responseHeader":{ > "status":400, > "QTime":8, > "params":{ > "q":"corsair", > "hl":"on", > "indent":"on", > "fl":"name, manu", > "hl.fl":"name, manu", > "hl.method":"unified", > "wt":"json"}}, > "response":{"numFound":2,"start":0,"docs":[ > { > "name":"CORSAIR ValueSelect 1GB 184-Pin DDR SDRAM Unbuffered DDR 400 > (PC 3200) System Memory - Retail", > "manu":"Corsair Microsystems Inc."}, > { > "name":"CORSAIR XMS 2GB (2 x 1GB) 184-Pin DDR SDRAM Unbuffered DDR > 400 (PC 3200) Dual Channel Kit System Memory - Retail", > "manu":"Corsair Microsystems Inc."}] > }, > "error":{ > "metadata":[ > "error-class","org.apache.solr.common.SolrException", > "root-error-class","org.apache.solr.common.SolrException"], > "msg":"undefined field ", > "code":400}} > {code} > DefaultHighlighter's response: > {code} > { > "responseHeader":{ > "status":0, > "QTime":5, > "params":{ > "q":"corsair", > "hl":"on", > "indent":"on", > "fl":"name, manu", > "hl.fl":"name, manu", > "hl.method":"original", > "wt":"json"}}, > "response":{"numFound":2,"start":0,"docs":[ > { > "name":"CORSAIR ValueSelect 1GB 184-Pin DDR SDRAM Unbuffered DDR 400 > (PC 3200) System Memory - Retail", > "manu":"Corsair Microsystems Inc."}, > { > "name":"CORSAIR XMS 2GB (2 x 1GB) 184-Pin DDR SDRAM Unbuffered DDR > 400 (PC 3200) Dual Channel Kit System Memory - Retail", > "manu":"Corsair Microsystems Inc."}] > }, > "highlighting":{ > "VS1GB400C3":{ > "name":["CORSAIR ValueSelect 1GB 184-Pin DDR SDRAM Unbuffered > DDR 400 (PC 3200) System Memory - Retail"], > "manu":["Corsair Microsystems Inc."]}, > "TWINX2048-3200PRO":{ > "name":["CORSAIR XMS 2GB (2 x 1GB) 184-Pin DDR SDRAM > Unbuffered DDR 400 (PC 3200) Dual Channel Kit System"], > "manu":["Corsair Microsystems Inc."]}}} > {code} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Created] (SOLR-11334) UnifiedSolrHighlighter returns an error when hl.fl delimited by ", "
Yasufumi Mizoguchi created SOLR-11334: - Summary: UnifiedSolrHighlighter returns an error when hl.fl delimited by ", " Key: SOLR-11334 URL: https://issues.apache.org/jira/browse/SOLR-11334 Project: Solr Issue Type: Bug Security Level: Public (Default Security Level. Issues are Public) Components: highlighter Affects Versions: 6.6 Environment: Ubuntu 17.04 (GNU/Linux 4.10.0-33-generic x86_64) Java HotSpot 64-Bit Server VM(build 25.114-b01, mixed mode) Reporter: Yasufumi Mizoguchi Priority: Trivial UnifiedSolrHighlighter(hl.method=unified) misjudge the zero-length string as a field name and returns an error when hl.fl delimited by ", " request: {code} $ curl -XGET "http://localhost:8983/solr/techproducts/select?fl=name,%20manu=name,%20manu=unified=on=on=corsair=json; {code} response: {code} { "responseHeader":{ "status":400, "QTime":8, "params":{ "q":"corsair", "hl":"on", "indent":"on", "fl":"name, manu", "hl.fl":"name, manu", "hl.method":"unified", "wt":"json"}}, "response":{"numFound":2,"start":0,"docs":[ { "name":"CORSAIR ValueSelect 1GB 184-Pin DDR SDRAM Unbuffered DDR 400 (PC 3200) System Memory - Retail", "manu":"Corsair Microsystems Inc."}, { "name":"CORSAIR XMS 2GB (2 x 1GB) 184-Pin DDR SDRAM Unbuffered DDR 400 (PC 3200) Dual Channel Kit System Memory - Retail", "manu":"Corsair Microsystems Inc."}] }, "error":{ "metadata":[ "error-class","org.apache.solr.common.SolrException", "root-error-class","org.apache.solr.common.SolrException"], "msg":"undefined field ", "code":400}} {code} DefaultHighlighter's response: {code} { "responseHeader":{ "status":0, "QTime":5, "params":{ "q":"corsair", "hl":"on", "indent":"on", "fl":"name, manu", "hl.fl":"name, manu", "hl.method":"original", "wt":"json"}}, "response":{"numFound":2,"start":0,"docs":[ { "name":"CORSAIR ValueSelect 1GB 184-Pin DDR SDRAM Unbuffered DDR 400 (PC 3200) System Memory - Retail", "manu":"Corsair Microsystems Inc."}, { "name":"CORSAIR XMS 2GB (2 x 1GB) 184-Pin DDR SDRAM Unbuffered DDR 400 (PC 3200) Dual Channel Kit System Memory - Retail", "manu":"Corsair Microsystems Inc."}] }, "highlighting":{ "VS1GB400C3":{ "name":["CORSAIR ValueSelect 1GB 184-Pin DDR SDRAM Unbuffered DDR 400 (PC 3200) System Memory - Retail"], "manu":["Corsair Microsystems Inc."]}, "TWINX2048-3200PRO":{ "name":["CORSAIR XMS 2GB (2 x 1GB) 184-Pin DDR SDRAM Unbuffered DDR 400 (PC 3200) Dual Channel Kit System"], "manu":["Corsair Microsystems Inc."]}}} {code} -- This message was sent by Atlassian JIRA (v6.4.14#64029) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9552) Upgrade to Tika 1.14 when available
[ https://issues.apache.org/jira/browse/SOLR-9552?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15935595#comment-15935595 ] Yasufumi Mizoguchi commented on SOLR-9552: -- [~elyograg], Thank you for your valuable advice. [~talli...@mitre.org], Thank you. I'll check whether POI 3.15-beta1 contains [r1734182|https://svn.apache.org/viewvc?view=revision=1734182], and whether that resolve the vulnerability. > Upgrade to Tika 1.14 when available > --- > > Key: SOLR-9552 > URL: https://issues.apache.org/jira/browse/SOLR-9552 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: contrib - DataImportHandler >Reporter: Tim Allison > > Let's upgrade Solr as soon as 1.14 is available. > P.S. I _think_ we're soon to wrap up work on 1.14. Any last requests? -- This message was sent by Atlassian JIRA (v6.3.15#6346) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org
[jira] [Commented] (SOLR-9552) Upgrade to Tika 1.14 when available
[ https://issues.apache.org/jira/browse/SOLR-9552?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15934075#comment-15934075 ] Yasufumi Mizoguchi commented on SOLR-9552: -- I wanna know the blocker of this. Because this is required to avoid CVE-2017-5644 of Apache POI, I think. > Upgrade to Tika 1.14 when available > --- > > Key: SOLR-9552 > URL: https://issues.apache.org/jira/browse/SOLR-9552 > Project: Solr > Issue Type: Improvement > Security Level: Public(Default Security Level. Issues are Public) > Components: contrib - DataImportHandler >Reporter: Tim Allison > > Let's upgrade Solr as soon as 1.14 is available. > P.S. I _think_ we're soon to wrap up work on 1.14. Any last requests? -- This message was sent by Atlassian JIRA (v6.3.15#6346) - To unsubscribe, e-mail: dev-unsubscr...@lucene.apache.org For additional commands, e-mail: dev-h...@lucene.apache.org