Michael created this task. Michael added projects: Wikimedia-production-error, Wikidata, wdwb-tech. Restricted Application added a subscriber: Aklapper.
TASK DESCRIPTION Example exception on beta: https://wikidata.beta.wmflabs.org/wiki/Special:EntityData/Q533192.ttl?flavor=invalid Error ----- - mwversion: `1.37.0-wmf.12` - reqId: `4a4e5b9a-b9f5-45ad-af9d-887276b5e34c` - Find reqId in Logstash <https://logstash.wikimedia.org/app/dashboards#/view/AXFV7JE83bOlOASGccsT?_g=(time:(from:'2021-07-05T04:19:40.000Z',to:'2021-07-07T04:19:40.000Z'))&_a=(query:(query_string:(query:'reqId:%224a4e5b9a-b9f5-45ad-af9d-887276b5e34c%22')))> - Find normalized_message in Logstash <https://logstash.wikimedia.org/app/dashboards#/view/AXFV7JE83bOlOASGccsT?_g=(time:(from:now-30d,to:now))&_a=(query:(query_string:(query:'normalized_message:%22%5B%7BreqId%7D%5D%20%7Bexception_url%7D%20%20%20MWException:%20Unsupported%20flavor:%20test%20ORDER%20BY%205064#%22')))> name=normalized_message [{reqId}] {exception_url} MWException: Unsupported flavor: test ORDER BY 5064# name=exception.trace from /srv/mediawiki/php-1.37.0-wmf.12/extensions/Wikibase/repo/includes/LinkedData/EntityDataSerializationService.php(346) #0 /srv/mediawiki/php-1.37.0-wmf.12/extensions/Wikibase/repo/includes/LinkedData/EntityDataSerializationService.php(372): Wikibase\Repo\LinkedData\EntityDataSerializationService->getFlavor(string) #1 /srv/mediawiki/php-1.37.0-wmf.12/extensions/Wikibase/repo/includes/LinkedData/EntityDataSerializationService.php(171): Wikibase\Repo\LinkedData\EntityDataSerializationService->createRdfBuilder(string, string) #2 /srv/mediawiki/php-1.37.0-wmf.12/extensions/Wikibase/repo/includes/LinkedData/EntityDataRequestHandler.php(558): Wikibase\Repo\LinkedData\EntityDataSerializationService->getSerializedData(string, Wikibase\Lib\Store\EntityRevision, NULL, array, string) #3 /srv/mediawiki/php-1.37.0-wmf.12/extensions/Wikibase/repo/includes/LinkedData/EntityDataRequestHandler.php(283): Wikibase\Repo\LinkedData\EntityDataRequestHandler->showData(WebRequest, OutputPage, string, Wikibase\DataModel\Entity\ItemId, integer) #4 /srv/mediawiki/php-1.37.0-wmf.12/extensions/Wikibase/repo/includes/Specials/SpecialEntityData.php(111): Wikibase\Repo\LinkedData\EntityDataRequestHandler->handleRequest(string, WebRequest, OutputPage) #5 /srv/mediawiki/php-1.37.0-wmf.12/includes/specialpage/SpecialPage.php(646): Wikibase\Repo\Specials\SpecialEntityData->execute(string) #6 /srv/mediawiki/php-1.37.0-wmf.12/includes/specialpage/SpecialPageFactory.php(1362): SpecialPage->run(string) #7 /srv/mediawiki/php-1.37.0-wmf.12/includes/MediaWiki.php(314): MediaWiki\SpecialPage\SpecialPageFactory->executePath(string, RequestContext) #8 /srv/mediawiki/php-1.37.0-wmf.12/includes/MediaWiki.php(917): MediaWiki->performRequest() #9 /srv/mediawiki/php-1.37.0-wmf.12/includes/MediaWiki.php(551): MediaWiki->main() #10 /srv/mediawiki/php-1.37.0-wmf.12/index.php(53): MediaWiki->run() #11 /srv/mediawiki/php-1.37.0-wmf.12/index.php(46): wfIndexMain() #12 /srv/mediawiki/w/index.php(3): require(string) #13 {main} Impact ------ - logspam - could be used as endpoint for DOS attacks as it circumvents edge-caches Notes ----- - This came up previously as T272534: EntityDataSerializationService - Possible SQL Injection <https://phabricator.wikimedia.org/T272534> (It is not in fact an SQL injection) TASK DETAIL https://phabricator.wikimedia.org/T286275 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Michael Cc: Aklapper, Michael, Invadibot, maantietaja, Akuckartz, darthmon_wmde, Nandana, Lahi, Gq86, GoranSMilovanovic, QZanden, LawExplorer, _jensen, rosalieper, Scott_WUaS, Verdy_p, Wikidata-bugs, aude, Jdforrester-WMF, Addshore, Mbch331, Jay8g
_______________________________________________ Wikidata-bugs mailing list -- [email protected] To unsubscribe send an email to [email protected]
