Patch #24283

Validate length of string fields

Added by Felix Schäfer 9 months ago. Updated 8 months ago.

Status:ClosedStart date:
Priority:NormalDue date:
Assignee:Jean-Philippe Lang% Done:

0%

Category:Code cleanup/refactoring
Target version:3.2.5

Description

Databases throw errors when trying to save data that doesn't fit in the allotted space in the field (MySQL used to not do that and just silently drop the part that was over the length of the field, but does throw errors in strict mode), which cause Redmine to crash.

The coming patch adds length validations for most fields a user can directly write to and that is a string (i.e. ist a VARCHAR in MySQL)

24283.patch Magnifier (3.54 KB) Felix Schäfer, 2016-11-07 11:49

Associated revisions

Revision 15989
Added by Jean-Philippe Lang 9 months ago

Add length validations for string fields (#24283).

Patch by Felix Schäfer.

Revision 15991
Added by Jean-Philippe Lang 9 months ago

Wrong validation introduced in r15989 (#24283).

Revision 16134
Added by Jean-Philippe Lang 8 months ago

Validate length of custom field regexp (#24283).

Patch by Go MAEDA.

History

#1 Updated by Felix Schäfer 9 months ago

#2 Updated by Jan from Planio www.plan.io 9 months ago

  • Target version set to Candidate for next minor release

#3 Updated by Jean-Philippe Lang 9 months ago

  • Category set to Code cleanup/refactoring
  • Status changed from New to Resolved
  • Assignee set to Jean-Philippe Lang
  • Target version changed from Candidate for next minor release to 3.2.5

Committed, thanks.

#4 Updated by Jean-Philippe Lang 9 months ago

  • Status changed from Resolved to Closed

#5 Updated by Yui Naruse 8 months ago

validates_length_of :regexp, maximum: 30

custom_fields.regexp is varchar(255).
It must be maximum: 255.

#6 Updated by Go MAEDA 8 months ago

  • Status changed from Closed to Reopened

Yui Naruse wrote:

validates_length_of :regexp, maximum: 30

custom_fields.regexp is varchar(255).
It must be maximum: 255.

Thank you for pointing it out.
Reopening this issue.

Index: app/models/custom_field.rb
===================================================================
--- app/models/custom_field.rb    (revision 16111)
+++ app/models/custom_field.rb    (working copy)
@@ -32,7 +32,7 @@
   validates_presence_of :name, :field_format
   validates_uniqueness_of :name, :scope => :type
   validates_length_of :name, :maximum => 30
-  validates_length_of :regexp, maximum: 30
+  validates_length_of :regexp, maximum: 255
   validates_inclusion_of :field_format, :in => Proc.new { Redmine::FieldFormat.available_formats }
   validate :validate_custom_field
   attr_protected :id

#7 Updated by Jean-Philippe Lang 8 months ago

  • Status changed from Reopened to Closed

Committed, thanks.

Also available in: Atom PDF