Merge branch 'fix-out-of-bounds-markdown-refs' into 'master'

Fix RangeError exceptions when referring to issues or merge requests outside of max database values

When using #XYZ in Markdown text, if XYZ exceeds the maximum value of a signed 32-bit integer, we get an exception when the Markdown render attempts to run `where(iids: XYZ)`. Introduce a method that will throw out out-of-bounds values.
    
Closes #18777

See merge request !4777

2 files changed, 7 insertions, 1 deletions

diff --git a/lib/banzai/filter/abstract_reference_filter.rb b/lib/banzai/filter/abstract_reference_filter.rb
index 4815bafe238..81d66271136 100644
--- a/lib/banzai/filter/abstract_reference_filter.rb
+++ b/lib/banzai/filter/abstract_reference_filter.rb
@@ -218,8 +218,9 @@ module Banzai
           nodes.each do |node|
             node.to_html.scan(regex) do
               project = $~[:project] || current_project_path
+              symbol = $~[object_sym]
 
-              refs[project] << $~[object_sym]
+              refs[project] << symbol if object_class.reference_valid?(symbol)
             end
           end
 
diff --git a/lib/gitlab/database.rb b/lib/gitlab/database.rb
index d76ecb54017..078609c86f1 100644
--- a/lib/gitlab/database.rb
+++ b/lib/gitlab/database.rb
@@ -1,5 +1,10 @@
 module Gitlab
   module Database
+    # The max value of INTEGER type is the same between MySQL and PostgreSQL:
+    # https://www.postgresql.org/docs/9.2/static/datatype-numeric.html
+    # http://dev.mysql.com/doc/refman/5.7/en/integer-types.html
+    MAX_INT_VALUE = 2147483647
+
     def self.adapter_name
       connection.adapter_name
     end