Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-13185

NPE in query parsing because of missing null check

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: master (9.0)
    • Fix Version/s: None
    • Component/s: query parsers
    • Labels:
    • Environment:

      Description

      Requesting the following URL causes Solr to return an HTTP 500 error response:

      http://localhost:8983/solr/films/select?defType=complexphrase&q.op=AND
      

      The error response seems to be caused by the following uncaught exception:

      java.lang.NullPointerException
      at java.io.StringReader.<init>(StringReader.java:50)
      at org.apache.lucene.queryparser.classic.QueryParserBase.parse(QueryParserBase.java:106)
      at org.apache.lucene.queryparser.complexPhrase.ComplexPhraseQueryParser.parse(ComplexPhraseQueryParser.java:125)
      at org.apache.solr.search.ComplexPhraseQParserPlugin$ComplexPhraseQParser.parse(ComplexPhraseQParserPlugin.java:164)
      at org.apache.solr.search.QParser.getQuery(QParser.java:173)
      at org.apache.solr.handler.component.QueryComponent.prepare(QueryComponent.java:158)
      [...]
      

      What happens here is that a querystring (qstr) is passed into a StringReader. Ultimately, this query string comes from the method o.a.s.h.c.QueryComponent, in method prepare (line 157), where it is extracted using rb.queryString() [rb is of type responseBuffer]. The query string stored in the response buffer was earlier on extracted from the request URL by looking for the "q" parameter; note that this parameter is absent in the example request, so qstr would be null. The extracted qstr is then passed to QParser.getParser, which expects a non-null query string.

      We found this bug using Diffblue Microservices Testing. Find more information on this fuzz testing campaign.

        Attachments

        1. home.zip
          376 kB
          Johannes Kloos
        2. SOLR-13185.patch
          2 kB
          Charles Sanders
        3. SOLR-13185.patch
          3 kB
          Charles Sanders

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jkloos Johannes Kloos
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: