You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@lucene.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2019/11/01 17:42:00 UTC
[jira] [Commented] (SOLR-13207) AIOOBE in calculateMinShouldMatch
[ https://issues.apache.org/jira/browse/SOLR-13207?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16965006#comment-16965006 ]
ASF subversion and git services commented on SOLR-13207:
--------------------------------------------------------
Commit b17d630e509adc9e62b07c599583558e715a869f in lucene-solr's branch refs/heads/master from Chris Hennick
[ https://gitbox.apache.org/repos/asf?p=lucene-solr.git;h=b17d630 ]
SOLR-13207: Handle query errors in calculateMinShouldMatch (#978)
Traps error that arises when the < operator is used at the end of a query field.
Also handles NumberFormatException when the operand isn't a number.
> AIOOBE in calculateMinShouldMatch
> ---------------------------------
>
> Key: SOLR-13207
> URL: https://issues.apache.org/jira/browse/SOLR-13207
> Project: Solr
> Issue Type: Bug
> Environment: h1. Steps to reproduce
> * Use a Linux machine.
> * Build commit {{ea2c8ba}} of Solr as described in the section below.
> * Build the films collection as described below.
> * Start the server using the command {{./bin/solr start -f -p 8983 -s /tmp/home}}
> * Request the URL given in the bug description.
> h1. Compiling the server
> {noformat}
> git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server
> {noformat}
> h1. Building the collection and reproducing the bug
> We followed [Exercise 2|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2] from the [Solr Tutorial|http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html].
> {noformat}
> mkdir -p /tmp/home
> echo '<?xml version="1.0" encoding="UTF-8" ?><solr></solr>' > /tmp/home/solr.xml
> {noformat}
> In one terminal start a Solr instance in foreground:
> {noformat}
> ./bin/solr start -f -p 8983 -s /tmp/home
> {noformat}
> In another terminal, create a collection of movies, with no shards and no replication, and initialize it:
> {noformat}
> bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field": {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}' http://localhost:8983/solr/films/schema
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-copy-field" : {"source":"*","dest":"_text_"}}' http://localhost:8983/solr/films/schema
> ./bin/post -c films example/films/films.json
> curl -v “URL_BUG”
> {noformat}
> Please check the issue description below to find the “URL_BUG” that will allow you to reproduce the issue reported.
> Reporter: Johannes Kloos
> Priority: Major
> Labels: diffblue, newdev
> Time Spent: 2.5h
> Remaining Estimate: 0h
>
> Requesting the following URL causes Solr to return an HTTP 500 error response:
> {noformat}
> http://localhost:8983/solr/films/select?mm=%3C&defType=edismax&q=fq=field(id,1)
> {noformat}
> The error response seems to be caused by the following uncaught exception:
> {noformat}
> java.lang.ArrayIndexOutOfBoundsException: 0
> at org.apache.solr.util.SolrPluginUtils.calculateMinShouldMatch(SolrPluginUtils.java:683)
> at org.apache.solr.util.SolrPluginUtils.setMinShouldMatch(SolrPluginUtils.java:641)
> at org.apache.solr.util.SolrPluginUtils.setMinShouldMatch(SolrPluginUtils.java:660)
> at org.apache.solr.search.ExtendedDismaxQParser.parseOriginalQuery(ExtendedDismaxQParser.java:415)
> at org.apache.solr.search.ExtendedDismaxQParser.parse(ExtendedDismaxQParser.java:173)
> at org.apache.solr.search.QParser.getQuery(QParser.java:173)
> at org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:158)
> at org.apache.solr.handler.component.SearchHandler.handleRequestBody(SearchHandler.java:272)
> at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:199)
> at org.apache.solr.core.SolrCore.execute(SolrCore.java:2559)
> {noformat}
> The mm parameter is given as ‘<’. It is (after some string mangling) split into sub-strings separated by ‘<’, putattively giving the left-hand and right-hand argument of the operator. In the example, there are no such arguments, so the resulting array “parts” is empty (cf. String.split documentation). But we immediately try to access parts[0], leading to an AIOOBE.
> To set up an environment to reproduce this bug, follow the description in the ‘Environment’ field.
> We automatically found this issue and ~70 more like this using [Diffblue Microservices Testing|https://www.diffblue.com/labs/?utm_source=solr-br]. Find more information on this [fuzz testing campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results?utm_source=solr-br].
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@lucene.apache.org
For additional commands, e-mail: issues-help@lucene.apache.org