Bug 1104080
Summary: | Every SearchQuery is improperly evaluated as unsafe expression. | ||
---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Martin Mucha <mmucha> |
Component: | ovirt-engine | Assignee: | Eli Mesika <emesika> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Martin Mucha <mmucha> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | 3.5.0 | CC: | emesika, gklein, iheim, lpeer, mmucha, oourfali, pstehlik, rbalakri, Rhev-m-bugs, sherold, yeylon |
Target Milestone: | --- | Keywords: | CodeChange |
Target Release: | 3.5.0 | Flags: | mmucha:
needinfo-
|
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | infra | ||
Fixed In Version: | ovirt-engine-3.5.0_beta | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-02-17 17:13:52 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | Infra | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1142923, 1156165 |
Description
Martin Mucha
2014-06-03 09:02:46 UTC
in http://gerrit.ovirt.org/#/c/28343/ I've selected " : " to be the right suffix — it seemed to me, that this value is more important for the system, since ':' was only used in determining 'query safeness'. So I've changed ':' to " : ". If it should be the other case, please let me know. Is there any way how to test it? Increasing log level or something like that? I'm looking for a way how to confirm the change is in. I did a quick scan through code and I do not think this is testable in a black-box way. Internals seems too complex to me, so we cannot prove it's ok just upon changing logging level or some other externally observable change like this. Which is, on top of that, not present in code. I.e. I did not find such 'property', but even if it exist somewhere in code, based on it's complexity I do not think it's safe to pronounce it "ok" based just on such observation. Bug was actually caused by two duplicate constants which weren't in sync, so fix was rather easy. rhev 3.5.0 was released. closing. |