diff options
| author | Robert Speicher <robert@gitlab.com> | 2016-06-18 20:48:58 +0000 |
|---|---|---|
| committer | Robert Speicher <robert@gitlab.com> | 2016-06-18 20:48:58 +0000 |
| commit | 98cede7ebeae9dac994b35b66be6aab14eb932b3 (patch) | |
| tree | 58451c71c114977dfb164b0d4aa3b49a44a56afc /app | |
| parent | 0aab84c76012c16061ffccf4473aaeab2c528c2a (diff) | |
| parent | 7c9eba891963451a1feb2e5bbef90fdcac1496ff (diff) | |
| download | gitlab-ce-98cede7ebeae9dac994b35b66be6aab14eb932b3.tar.gz | |
Merge branch 'fix-out-of-bounds-markdown-refs' into 'master'
Fix RangeError exceptions when referring to issues or merge requests outside of max database values
When using #XYZ in Markdown text, if XYZ exceeds the maximum value of a signed 32-bit integer, we get an exception when the Markdown render attempts to run `where(iids: XYZ)`. Introduce a method that will throw out out-of-bounds values.
Closes #18777
See merge request !4777
Diffstat (limited to 'app')
| -rw-r--r-- | app/models/concerns/referable.rb | 4 | ||||
| -rw-r--r-- | app/models/issue.rb | 4 | ||||
| -rw-r--r-- | app/models/merge_request.rb | 4 |
3 files changed, 12 insertions, 0 deletions
diff --git a/app/models/concerns/referable.rb b/app/models/concerns/referable.rb index ce064f675ae..dee940a3f88 100644 --- a/app/models/concerns/referable.rb +++ b/app/models/concerns/referable.rb @@ -49,6 +49,10 @@ module Referable raise NotImplementedError, "#{self} does not implement #{__method__}" end + def reference_valid?(reference) + true + end + def link_reference_pattern(route, pattern) %r{ (?<url> diff --git a/app/models/issue.rb b/app/models/issue.rb index 1bdf9c011b2..3c5859194b4 100644 --- a/app/models/issue.rb +++ b/app/models/issue.rb @@ -83,6 +83,10 @@ class Issue < ActiveRecord::Base @link_reference_pattern ||= super("issues", /(?<issue>\d+)/) end + def self.reference_valid?(reference) + reference.to_i > 0 && reference.to_i <= Gitlab::Database::MAX_INT_VALUE + end + def self.sort(method, excluded_labels: []) case method.to_s when 'due_date_asc' then order_due_date_asc diff --git a/app/models/merge_request.rb b/app/models/merge_request.rb index 73bf182ec9f..36bc98bdb1e 100644 --- a/app/models/merge_request.rb +++ b/app/models/merge_request.rb @@ -133,6 +133,10 @@ class MergeRequest < ActiveRecord::Base @link_reference_pattern ||= super("merge_requests", /(?<merge_request>\d+)/) end + def self.reference_valid?(reference) + reference.to_i > 0 && reference.to_i <= Gitlab::Database::MAX_INT_VALUE + end + # Returns all the merge requests from an ActiveRecord:Relation. # # This method uses a UNION as it usually operates on the result of |