|Anonymous | Login | Signup for a new account||2021-04-18 11:43 PDT|
|Main | My View | View Issues | Change Log | Roadmap | Summary | My Account|
|View Issue Details|
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0008856||opensim||[GRID] Grid Service||public||2021-01-28 11:52||2021-02-01 05:05|
|Platform||Operating System||Operating System Version|
|Target Version||Fixed in Version|
|Summary||0008856: Userprofiles does not sanitize classified input|
|Description||The userprofileservice does not check validity of data it is sent, specifically for classifieds no defaults are assumed. Unfortunately some viewers do not send proper data when classifieds are set up.|
This means the search system based around the valid data in the database fail to find classifieds with improper classifiedflags.
What is needed is a check in the userprofileservice to make sure the data passed to classifieds contains proper classifiedflags or default to int 2, which represents "General Content" no auto renew. Currently without a default set the database gets null seen as int 0, resulting in essentially faulty data.
For the unofficial ossearch to work these flags need to be proper else anything in General Content cannot be found.
|Steps To Reproduce||Enable debug http all 6 on simulator console.|
Create a classified set to "General Content" without the automatic renewal enabled.
Observe data being sent to userprofile service not containing Flag parameter for classifiedflags.
Check database classifieds table to see classifiedflags set to 0 instead of 2.
|Additional Information||Apparently there are two parts to these flags.|
A bit to set auto renew, represented as int 32
A bit to set maturity level, represented as 2,8 and 64
Apparently this is normally checked at the binary level, each bit, well you can work that out I lack sleep for binary conversion.
Currently cannot test other viewers, only checked Firestorm, but seeing as this is rather down basic avenue I suspect all viewers have this issue. While that means it is somewhat of a viewer bug, we should still always assume sane defaults if data is missing.
|Tags||No tags attached.|
|Git Revision or version number|
|Run Mode||Grid (1 Region per Sim) , Grid (Multiple Regions per Sim)|
|Environment||Mono / Linux64|
|Attached Files||0052-Sanitize-classifiedflags-input.patch [^] (2,502 bytes) 2021-02-01 05:05 [Show Content]|
|So now on master it sets the correct flags, but nothing checks whether what's entered is within the possible values, it still just parses. While it does add overhead, making sure data entry is sane is important unless you want to risk bad data getting in there.|
|2021-01-28 11:52||tampa||New Issue|
|2021-01-29 14:24||tampa||File Added: 0052-Make-sure-Classifiedflags-are-proper.patch|
|2021-01-29 14:32||tampa||Note Added: 0037520|
|2021-01-29 14:32||tampa||Status||new => patch included|
|2021-01-29 18:17||tampa||File Deleted: 0052-Make-sure-Classifiedflags-are-proper.patch|
|2021-01-29 18:17||tampa||Note Deleted: 0037520|
|2021-01-31 03:47||tampa||Note Added: 0037528|
|2021-02-01 05:04||tampa||File Added: 0052-Sanitize-classifiedflags-input.patch|
|2021-02-01 05:05||tampa||File Deleted: 0052-Sanitize-classifiedflags-input.patch|
|2021-02-01 05:05||tampa||File Added: 0052-Sanitize-classifiedflags-input.patch|
|Copyright © 2000 - 2012 MantisBT Group|