Uploaded image for project: 'Islandora'
  1. Islandora
  2. ISLANDORA-2045

Solr results formatFilter assumes arguments passed are correct and complete

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 7.x-1.9, 7.x-1.10, 7.x-1.11, 7.x-1.12
    • Fix Version/s: None
    • Component/s: Solr Search
    • Labels:
      None

      Description

      Solr formatFilter assumes query arguments passed are correctly formed into something Solr understands. Happens that since this is passed as a query argument, people could have modified it, or even reached the GET argument length limit getting a cropped query.
      That makes at: https://github.com/Islandora/islandora_solr_search/blob/7.x/includes/results.inc#L530-L533

      $filter_split = preg_split(ISLANDORA_SOLR_QUERY_FIELD_VALUE_SPLIT_REGEX, $filter, 2);
      

      results in no split at all. Subsequent calls to the second element of that array end in warnings like
      "Notice: Undefined offset: 1 in formatFilter()..."

      To test: run something like this (on a real repo)
      localhost:8080/islandora/search?type=edismax&f[0]=-mods_genre_ms%3A%22Admission%5C%20tickets%22&f[1]=-mod
      and look at your Drupal logs.

      Other consequence of this is that you end with an empty element in the query breadcrumb, which makes me wonder if this could be even a security issue? Not filtering, sanitizing that input?

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            dpinokrayon Diego Pino Navarro
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated: