[ https://issues.apache.org/jira/browse/SOLR-13178?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Johannes Kloos updated SOLR-13178:
----------------------------------
    Description:
Requesting any of the following URLs gives a 500 error due to a ClassCastException in o.a.s.r.j.ObjectUtil.mergeObjects:
 * [http://localhost:8983/solr/films/select?json=0]
 * [http://localhost:8983/solr/films/select?json.facet=1&json.facet.field=x]

The error response is caused by uncaught ClassCastExceptions, such as (for the first URL):

{{java.lang.ClassCastException: java.lang.Long cannot be cast to java.util.Map}}
{{at org.apache.solr.request.json.ObjectUtil.mergeObjects(ObjectUtil.java:108)}}
{{at org.apache.solr.request.json.RequestUtil.mergeJSON(RequestUtil.java:269)}}
{{at org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:180)}}
{{at org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)}}
{{at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)}}
{{[...]}}

The culprit seems to be the o.a.s.r.j.RequestUtil.mergeJSON method, in particular the following fragment:

{{Object o = ObjectBuilder.fromJSON(jsonStr);}}
{{// zero-length strings or comments can cause this to be null (and a zero-length string can result from a json content-type w/o a body)}}
{{if (o != null) {}}
{{  ObjectUtil.mergeObjects(json, path, o, handler);}}
}

Note that o is an Object representing a JSON _value_, while SOLR seems to expect that o holds a JSON _object_. But in the examples above, the JSON value is a number (represented by a Long object) instead - this is, in fact, valid JSON.

A possible fix could be to use the getObject method of ObjectUtil instead of blindly calling fromJSON.

This bug was found using [Diffblue Microservices Testing|http://www.diffblue.com/labs]. Find more information on this [test campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].

  was:
We found this bug using Diffblue Microservice testing

Requesting any of the following URLs gives a 500 error due to a ClassCastException in o.a.s.r.j.ObjectUtil.mergeObjects:
 * [http://localhost:8983/solr/films/select?json=0]
 * [http://localhost:8983/solr/films/select?json.facet=1&json.facet.field=x]

The error response is caused by uncaught ClassCastExceptions, such as (for the first URL):

{{java.lang.ClassCastException: java.lang.Long cannot be cast to java.util.Map}}
{{at org.apache.solr.request.json.ObjectUtil.mergeObjects(ObjectUtil.java:108)}}
{{at org.apache.solr.request.json.RequestUtil.mergeJSON(RequestUtil.java:269)}}
{{at org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:180)}}
{{at org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)}}
{{at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)}}
{{[...]}}

The culprit seems to be the o.a.s.r.j.RequestUtil.mergeJSON method, in particular the following fragment:

{{Object o = ObjectBuilder.fromJSON(jsonStr);}}
{{// zero-length strings or comments can cause this to be null (and a zero-length string can result from a json content-type w/o a body)}}
{{if (o != null) {}}
{{  ObjectUtil.mergeObjects(json, path, o, handler);}}
}

Note that o is an Object representing a JSON _value_, while SOLR seems to expect that o holds a JSON _object_. But in the examples above, the JSON value is a number (represented by a Long object) instead - this is, in fact, valid JSON.

A possible fix could be to use the getObject method of ObjectUtil instead of blindly calling fromJSON.

This bug was found using [Diffblue Microservices Testing|http://www.diffblue.com/labs]. Find more information on this [test campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].

> ClassCastExceptions in o.a.s.request.json.ObjectUtil for valid JSON inputs that are not objects
> -----------------------------------------------------------------------------------------------
>
> Key: SOLR-13178
> URL: https://issues.apache.org/jira/browse/SOLR-13178
> Project: Solr
> Issue Type: Bug
> Security Level: Public (Default Security Level. Issues are Public)
> Components: Server
> Affects Versions: 7.5, master (9.0)
> Environment: Running on Unix, using a git checkout close to master.
> h2. Steps to reproduce
>  * Build commit ea2c8ba of Solr as described in the section below.
>  * Build the films collection as described below.
>  * {{Start the server using the command “./bin/solr start -f -p 8983 -s /tmp/home”}}
>  * Request the URL above.
> h2. Compiling the server
> {{git clone https://github.com/apache/lucene-solr
> cd lucene-solr
> git checkout ea2c8ba
> ant compile
> cd solr
> ant server}}
> h2. Building the collection
> We followed Exercise 2 from the quick start tutorial ([http://lucene.apache.org/solr/guide/7_5/solr-tutorial.html#exercise-2]) - for reference, I have attached a copy of the database.
> {{mkdir -p /tmp/home
> echo '<?xml version="1.0" encoding="UTF-8" ?><solr></solr>' > /tmp/home/solr.xml}}
> In one terminal start a Solr instance in foreground:
> ./bin/solr start -f -p 8983 -s /tmp/home
> In another terminal, create a collection of movies, with no shards and no replication:
> {{bin/solr create -c films
> curl -X POST -H 'Content-type:application/json' --data-binary '{"add-field": {"name":"name", "type":"text_general", "multiValued":false, "stored":true}}' http://localhost:8983/solr/films/schema}}
> {{curl -X POST -H 'Content-type:application/json' --data-binary '{"add-copy-field" : {"source":"*","dest":"_text_"}}' http://localhost:8983/solr/films/schema}}
> {{./bin/post -c films example/films/films.json}}
> Reporter: Johannes Kloos
> Priority: Minor
> Attachments: home.zip
>
>
> Requesting any of the following URLs gives a 500 error due to a ClassCastException in o.a.s.r.j.ObjectUtil.mergeObjects:
>  * [http://localhost:8983/solr/films/select?json=0]
>  * [http://localhost:8983/solr/films/select?json.facet=1&json.facet.field=x]
>
> The error response is caused by uncaught ClassCastExceptions, such as (for the first URL):
>
> {{java.lang.ClassCastException: java.lang.Long cannot be cast to java.util.Map}}
> {{at org.apache.solr.request.json.ObjectUtil.mergeObjects(ObjectUtil.java:108)}}
> {{at org.apache.solr.request.json.RequestUtil.mergeJSON(RequestUtil.java:269)}}
> {{at org.apache.solr.request.json.RequestUtil.processParams(RequestUtil.java:180)}}
> {{at org.apache.solr.util.SolrPluginUtils.setDefaults(SolrPluginUtils.java:167)}}
> {{at org.apache.solr.handler.RequestHandlerBase.handleRequest(RequestHandlerBase.java:196)}}
> {{[...]}}
>
> The culprit seems to be the o.a.s.r.j.RequestUtil.mergeJSON method, in particular the following fragment:
>
> {{Object o = ObjectBuilder.fromJSON(jsonStr);}}
> {{// zero-length strings or comments can cause this to be null (and a zero-length string can result from a json content-type w/o a body)}}
> {{if (o != null) {}}
> {{  ObjectUtil.mergeObjects(json, path, o, handler);}}
> }
>
> Note that o is an Object representing a JSON _value_, while SOLR seems to expect that o holds a JSON _object_. But in the examples above, the JSON value is a number (represented by a Long object) instead - this is, in fact, valid JSON.
>
> A possible fix could be to use the getObject method of ObjectUtil instead of blindly calling fromJSON.
>
> This bug was found using [Diffblue Microservices Testing|http://www.diffblue.com/labs]. Find more information on this [test campaign|https://www.diffblue.com/blog/2018/12/19/diffblue-microservice-testing-a-sneak-peek-at-our-early-product-and-results].

--
This message was sent by Atlassian JIRA (v7.6.3#76005)
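
The type confusion described in the report, as an added example that is not Solr code and not from the reporter: an unchecked cast of a parsed JSON value beside a merge that rejects non-object values before casting. `CheckedJsonMerge`, `BadJsonParam`, `mergeUnchecked` and `mergeChecked` are hypothetical names, the values passed in are constructed stand-ins for what a JSON parser returns, and the dotted-path case assumes (the report does not say) that the second URL fails when a path has to descend through the number stored at `facet`. Requires Java 9 or later.

```java
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

public class CheckedJsonMerge {
    // Raised for well-formed JSON of the wrong kind; a handler would map it to HTTP 400.
    static class BadJsonParam extends RuntimeException {
        BadJsonParam(String msg) { super(msg); }
    }

    // Unchecked merge, mirroring the reported failure: cast without a type test.
    @SuppressWarnings("unchecked")
    static void mergeUnchecked(Map<String, Object> top, Object parsed) {
        top.putAll((Map<String, Object>) parsed); // ClassCastException for a Long
    }

    // Checked merge of a parsed value at a path: [] is "json", [facet, field] is "json.facet.field".
    @SuppressWarnings("unchecked")
    static void mergeChecked(Map<String, Object> top, List<String> path, Object parsed) {
        if (parsed == null) return; // empty input, as in the fragment quoted in the report
        if (path.isEmpty()) {
            if (!(parsed instanceof Map))
                throw new BadJsonParam("json must be a JSON object, got " + parsed.getClass().getSimpleName());
            top.putAll((Map<String, Object>) parsed);
            return;
        }
        Map<String, Object> cur = top;
        for (String key : path.subList(0, path.size() - 1)) {
            Object child = cur.computeIfAbsent(key, k -> new LinkedHashMap<String, Object>());
            if (!(child instanceof Map)) // an earlier parameter stored a scalar or array here
                throw new BadJsonParam("key '" + key + "' holds a " + child.getClass().getSimpleName() + ", not an object");
            cur = (Map<String, Object>) child;
        }
        cur.put(path.get(path.size() - 1), parsed);
    }

    public static void main(String[] args) {
        Map<String, Object> top = new LinkedHashMap<>();
        try { mergeUnchecked(top, 0L); }                       // constructed: parser result for json=0
        catch (ClassCastException e) { System.out.println("unchecked json=0 -> uncaught in a server (500)"); }
        try { mergeChecked(top, List.of(), 0L); }
        catch (BadJsonParam e) { System.out.println("checked json=0 -> 400: " + e.getMessage()); }
        mergeChecked(top, List.of("facet"), 1L);               // json.facet=1 is stored as a number
        try { mergeChecked(top, List.of("facet", "field"), "x"); }
        catch (BadJsonParam e) { System.out.println("checked json.facet.field=x -> 400: " + e.getMessage()); }
        mergeChecked(top, List.of(), Map.of("query", "*:*"));  // a JSON object merges normally
        System.out.println(top);
    }
}
```

Rejecting the value with a dedicated exception lets the request handler return a client error with a message naming the offending parameter, rather than a stack trace in a 500 response.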