Details
-
Bug
-
Status: Closed
-
Trivial
-
Resolution: Fixed
-
9.0
-
Steps to reproduce
- Use a Linux machine.
- Build commit ea2c8ba of Solr as described in the section below.
- Build the films collection as described below.
- Start the server using the command ./bin/solr start -f -p 8983 -s /tmp/home
- Request the URL given in the bug description.
Compiling the server
git clone https://github.com/apache/lucene-solr cd lucene-solr git checkout ea2c8ba ant compile cd solr ant server
Building the collection
We followed Exercise 2 from the Solr Tutorial. The attached file (home.zip) gives the contents of folder /tmp/home that you will obtain by following the steps below:
mkdir -p /tmp/home echo '<?xml version="1.0" encoding="UTF-8" ?><solr></solr>' > /tmp/home/solr.xml
In one terminal start a Solr instance in foreground:
./bin/solr start -f -p 8983 -s /tmp/home
In another terminal, create a collection of movies, with no shards and no replication, and initialize it:
bin/solr create -c films curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field": {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}' http://localhost:8983/solr/films/schema curl -X POST -H 'Content-type:application/json' --data-binary '{"add-copy-field" : {"source":"*","dest":"_text_"}}' http://localhost:8983/solr/films/schema ./bin/post -c films example/films/films.jsonSteps to reproduce Use a Linux machine. Build commit ea2c8ba of Solr as described in the section below. Build the films collection as described below. Start the server using the command ./bin/solr start -f -p 8983 -s /tmp/home Request the URL given in the bug description. Compiling the server git clone https://github.com/apache/lucene-solr cd lucene-solr git checkout ea2c8ba ant compile cd solr ant server Building the collection We followed Exercise 2 from the Solr Tutorial . The attached file ( home.zip ) gives the contents of folder /tmp/home that you will obtain by following the steps below: mkdir -p /tmp/home echo '<?xml version="1.0" encoding="UTF-8" ?><solr></solr>' > /tmp/home/solr.xml In one terminal start a Solr instance in foreground: ./bin/solr start -f -p 8983 -s /tmp/home In another terminal, create a collection of movies, with no shards and no replication, and initialize it: bin/solr create -c films curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field": {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}' http://localhost:8983/solr/films/schema curl -X POST -H 'Content-type:application/json' --data-binary '{"add-copy-field" : {"source":"*","dest":"_text_"}}' http://localhost:8983/solr/films/schema ./bin/post -c films example/films/films.json
Description
Requesting the following URL causes Solr to return an HTTP 500 error response:
http://localhost:8983/solr/films/select?uf=fl=gen*,id&defType=edismax
The error response seems to be caused by the following uncaught exception:
java.lang.RuntimeException: dynamic field name must start or end with * at org.apache.solr.search.ExtendedDismaxQParser$DynamicField.<init>(ExtendedDismaxQParser.java:1610)
The DynamicField parser throws this RuntimeException to tell the user that the given query is invalid. Sadly, the exception is never caught, so it manifests as a 500 error instead of a 400 error.
We found this issue and ~70 more like this using Diffblue Microservices Testing. Find more information on this fuzz testing campaign.
Attachments
Attachments
Issue Links
- links to
