authorStan Hu <stanhu@gmail.com>2016-06-18 10:55:45 -0700
committerStan Hu <stanhu@gmail.com>2016-06-18 13:07:38 -0700
commit7c9eba891963451a1feb2e5bbef90fdcac1496ff (patch)
tree51692ed3b138406a8d0bc740eb259076e91e4361
parent00906b5bb6cde8cb60281109060a519a54000c61 (diff)
Fix RangeError exceptions when referring to issues or merge requests outside of max database values
When using #XYZ in Markdown text, if XYZ exceeds the maximum value of a signed 32-bit integer, we get an exception when the Markdown renderer attempts to run `where(iids: XYZ)`. Introduce a method that will throw out out-of-bounds values. Closes #18777
-rw-r--r--app/models/concerns/referable.rb4
-rw-r--r--app/models/issue.rb4
-rw-r--r--app/models/merge_request.rb4
-rw-r--r--lib/banzai/filter/abstract_reference_filter.rb3
-rw-r--r--lib/gitlab/database.rb5
-rw-r--r--spec/lib/banzai/filter/abstract_link_filter_spec.rb2
-rw-r--r--spec/lib/banzai/filter/issue_reference_filter_spec.rb6
-rw-r--r--spec/lib/banzai/filter/merge_request_reference_filter_spec.rb6
8 files changed, 32 insertions, 2 deletions
diff --git a/app/models/concerns/referable.rb b/app/models/concerns/referable.rb
index ce064f675ae..dee940a3f88 100644
--- a/app/models/concerns/referable.rb
+++ b/app/models/concerns/referable.rb
@@ -49,6 +49,10 @@ module Referable
raise NotImplementedError, "#{self} does not implement #{__method__}"
end
+ def reference_valid?(reference)
+ true
+ end
+
def link_reference_pattern(route, pattern)
%r{
(?<url>
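Review bot: The default `reference_valid?` added here returns `true`, so any Referable type that does not override it still passes unchecked ids to its lookup; in this commit only Issue and MergeRequest override it. Whether the other referable models query an integer column with the matched text is not visible on this page, but if one does, the same RangeError stays reachable from user-supplied Markdown. A comment above the method such as `# Override in classes whose references map to a bounded integer column; the default accepts everything` would make that contract explicit, and the unused parameter could be named `_reference`. The module body continues outside the hunk.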
diff --git a/app/models/issue.rb b/app/models/issue.rb
index 1bdf9c011b2..3c5859194b4 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -83,6 +83,10 @@ class Issue < ActiveRecord::Base
@link_reference_pattern ||= super("issues", /(?<issue>\d+)/)
end
+ def self.reference_valid?(reference)
+ reference.to_i > 0 && reference.to_i <= Gitlab::Database::MAX_INT_VALUE
+ end
+
def self.sort(method, excluded_labels: [])
case method.to_s
when 'due_date_asc' then order_due_date_asc
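Review bot: The bounds predicate in `Issue.reference_valid?` is repeated verbatim in `MergeRequest.reference_valid?` (the merge_request.rb hunk) and calls `to_i` twice on the same value. One form would be `reference.to_i.between?(1, Gitlab::Database::MAX_INT_VALUE)`, ideally kept in a single shared helper so the two models cannot drift apart. Note that `String#to_i` is lenient (it reads a leading digit run and returns 0 for non-numeric text), so the check is only exact because the reference pattern captures `\d+`; a short comment saying so would help the next reader.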
diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb
index 73bf182ec9f..36bc98bdb1e 100644
--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -133,6 +133,10 @@ class MergeRequest < ActiveRecord::Base
@link_reference_pattern ||= super("merge_requests", /(?<merge_request>\d+)/)
end
+ def self.reference_valid?(reference)
+ reference.to_i > 0 && reference.to_i <= Gitlab::Database::MAX_INT_VALUE
+ end
+
# Returns all the merge requests from an ActiveRecord:Relation.
#
# This method uses a UNION as it usually operates on the result of
diff --git a/lib/banzai/filter/abstract_reference_filter.rb b/lib/banzai/filter/abstract_reference_filter.rb
index 4815bafe238..81d66271136 100644
--- a/lib/banzai/filter/abstract_reference_filter.rb
+++ b/lib/banzai/filter/abstract_reference_filter.rb
@@ -218,8 +218,9 @@ module Banzai
nodes.each do |node|
node.to_html.scan(regex) do
project = $~[:project] || current_project_path
+ symbol = $~[object_sym]
- refs[project] << $~[object_sym]
+ refs[project] << symbol if object_class.reference_valid?(symbol)
end
end
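Review bot: `symbol` is a misleading name for the value on the added line, since `$~[object_sym]` is the matched id text from the regex capture, not a Ruby Symbol; something like `id = $~[object_sym]` followed by `refs[project] << id if object_class.reference_valid?(id)` reads more accurately. The skip is also silent, so a one-line comment such as `# Drop ids the database column cannot hold so the batched lookup does not raise` would record why references are filtered at collection time. The enclosing method starts and ends outside the hunk.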
diff --git a/lib/gitlab/database.rb b/lib/gitlab/database.rb
index d76ecb54017..078609c86f1 100644
--- a/lib/gitlab/database.rb
+++ b/lib/gitlab/database.rb
@@ -1,5 +1,10 @@
module Gitlab
module Database
+ # The max value of INTEGER type is the same between MySQL and PostgreSQL:
+ # https://www.postgresql.org/docs/9.2/static/datatype-numeric.html
+ # http://dev.mysql.com/doc/refman/5.7/en/integer-types.html
+ MAX_INT_VALUE = 2147483647
+
def self.adapter_name
connection.adapter_name
end
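Review bot: `MAX_INT_VALUE` does not say which integer type it bounds, and the comment only links out; stating it inline, e.g. `# Largest value of a signed 4-byte INTEGER column`, keeps the constant understandable if the links go stale. The literal is easier to verify with digit separators, `MAX_INT_VALUE = 2_147_483_647`. If any id column is later widened to a larger type, callers using this constant as a validity bound would start rejecting valid ids, which is worth noting next to the definition.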
diff --git a/spec/lib/banzai/filter/abstract_link_filter_spec.rb b/spec/lib/banzai/filter/abstract_link_filter_spec.rb
index 0c55d8e19da..1ee31a603e4 100644
--- a/spec/lib/banzai/filter/abstract_link_filter_spec.rb
+++ b/spec/lib/banzai/filter/abstract_link_filter_spec.rb
@@ -8,7 +8,7 @@ describe Banzai::Filter::AbstractReferenceFilter do
doc = Nokogiri::HTML.fragment("#1 #{project.to_reference}#2")
filter = described_class.new(doc, project: project)
- expect(filter).to receive(:object_class).twice.and_return(Issue)
+ expect(filter).to receive(:object_class).exactly(4).times.and_return(Issue)
expect(filter).to receive(:object_sym).twice.and_return(:issue)
refs = filter.references_per_project
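Review bot: Bumping the expectation to `exactly(4).times` ties this spec to how often the filter happens to call `object_class`, which is an implementation detail that just changed and will change again. Since the test asserts on the returned `refs`, stubbing without a count, `allow(filter).to receive(:object_class).and_return(Issue)`, would keep it stable; the same applies to the `object_sym` expectation on the next line. The example body continues outside the hunk.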
diff --git a/spec/lib/banzai/filter/issue_reference_filter_spec.rb b/spec/lib/banzai/filter/issue_reference_filter_spec.rb
index 25f0bc2092f..5b63c946114 100644
--- a/spec/lib/banzai/filter/issue_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/issue_reference_filter_spec.rb
@@ -134,6 +134,12 @@ describe Banzai::Filter::IssueReferenceFilter, lib: true do
expect(reference_filter(act).to_html).to eq exp
end
+
+ it 'ignores out-of-bounds issue IDs on the referenced project' do
+ exp = act = "Fixed ##{Gitlab::Database::MAX_INT_VALUE + 1}"
+
+ expect(reference_filter(act).to_html).to eq exp
+ end
end
context 'cross-project URL reference' do
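Review bot: The new example covers only `MAX_INT_VALUE + 1`, while `reference_valid?` also rejects non-positive values and must accept the bound itself. Adding a case for `#0` and one confirming that an id equal to `Gitlab::Database::MAX_INT_VALUE` renders without raising (linked or not, depending on whether it exists) would pin both edges of the check. The same gap applies to the added example in merge_request_reference_filter_spec.rb. Both examples sit in the cross-project context, so the same-project path through the filter is not exercised by this commit as far as the visible hunks show.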
diff --git a/spec/lib/banzai/filter/merge_request_reference_filter_spec.rb b/spec/lib/banzai/filter/merge_request_reference_filter_spec.rb
index 3185e41fe5c..805acf1c8b3 100644
--- a/spec/lib/banzai/filter/merge_request_reference_filter_spec.rb
+++ b/spec/lib/banzai/filter/merge_request_reference_filter_spec.rb
@@ -38,6 +38,12 @@ describe Banzai::Filter::MergeRequestReferenceFilter, lib: true do
expect(reference_filter(act).to_html).to eq exp
end
+ it 'ignores out-of-bounds merge request IDs on the referenced project' do
+ exp = act = "Merge !#{Gitlab::Database::MAX_INT_VALUE + 1}"
+
+ expect(reference_filter(act).to_html).to eq exp
+ end
+
it 'includes a title attribute' do
doc = reference_filter("Merge #{reference}")
expect(doc.css('a').first.attr('title')).to eq "Merge Request: #{merge.title}"