#2 wrong formatted XML requests are not validated

MediaTomb 0.8.1
closed-wont-fix
Jin
UPnP (10)
5
2008-09-22
2006-07-17
Anonymous
No

Sqlite didn't work for me so I tried the MySQL version.
Sometimes Mediatomb show the following debug message:

Mysql: (1064) You have an error in your SQL syntax;
check the manual that corresponds to your MySQL server
version for the right syntax to use near ';res_id=0' at
line 1
Query:SELECT f.id, f.ref_id, f.parent_id,
f.object_type, f.is_virtual, f.upnp_class, f.dc_title,
f.is_restricted, f.metadata, f.auxdata, f.update_id,
f.is_searchable, f.location, f.mime_type, f.action,
f.state, f.resources, rf.resources FROM cds_objects f
LEFT JOIN cds_objects rf ON f.ref_id = rf.id WHERE f.id
= 525namp;res_id=0
2006-06-17 17:07:42 INFO: web_get_info(): Exception
during callback: Mysql: mysql_real_query() failed
Exception: Mysql: mysql_real_query() failed
_STRACE_ 0 mediatomb [0x8070ab2]
_STRACE_ 1 mediatomb [0x8055a19]
_STRACE_ 2 mediatomb [0x8067952]
_STRACE_ 3 mediatomb [0x806c194]
_STRACE_ 4 mediatomb [0x808642c]
_STRACE_ 5 mediatomb [0x8062bfe]
_STRACE_ 6 /usr/local/lib/libupnp.so.2 [0xb7d0c80b]
_STRACE_ 7 /usr/local/lib/libupnp.so.2 [0xb7d06857]
_STRACE_ 8 /usr/local/lib/libthreadutil.so.2 [0xb7cf3dcd]
_STRACE_ 9 /lib/tls/i686/cmov/libpthread.so.0 [0xb7ab4341]
_STRACE_ 10 /lib/tls/i686/cmov/libc.so.6(__clone+0x5e)
[0xb7b8a4ee]

It seems to me like a minor error in character
conversion within the query creation. For me it only
happens when I try to open video files in the UPnP
Client. Audio files and pictures work without problems.

Discussion

  • Jin

    Jin - 2006-07-17
    • assigned_to: nobody --> jin_eld
     
  • Jin

    Jin - 2006-07-17

    Logged In: YES
    user_id=1205152

    Thanks for the report, could you please tell me what system
    you are using and what client you are using to play your
    media? Does the same error happen when you browse the server
    via a ControlPoint (for example Cidero).

    I somehow need to reproduce this to figure out why the
    object id is bad; I assume that it is because of the browse
    request that we get from the renderer, the XML must be weird
    and our conversion probably fails at some point. Another
    possibility is a bug in the XML parser, we will be switching
    to libupnp 1.4.x which fixes a few problems there.

    Do you think you can capture and send me the XML request
    from your renderer to the server, which triggers the error?

    Thanks,
    Jin

     
  • Anonymous - 2006-07-18

    Logged In: YES
    user_id=1363523

    Ok, I will try to reproduce the circumstances and clog the
    request but as always I tried for 15min now and still no
    error :-)

     
  • Anonymous - 2006-07-28

    Logged In: YES
    user_id=1363523

    I've just been able to reproduce the error but I think it's
    a problem with our client. I found some errors in decoding
    the URL and so it sends wrong formatted requests back to the
    server. Anyway the server shouldn't try that query if it
    contains invalid data. I have a ethereal log about the
    request but I can't attach that to this comment (Maybe I
    should open a new bug to attach it there?)
    Another thing I found in that ethereal log is the answer the
    server sends back, it's a HTTP 401. Is that correct?
    Shouldn't that be some kind of UPnP error like 718 (Invalid
    InstanceID) or something?

     
  • Jin

    Jin - 2006-07-28

    Logged In: YES
    user_id=1205152

    Well, I guess our URL decoder chokes on the wrong formatted
    request. So in that sense you are right - we should not try
    to make the SQL request. Could you please e-mail me the
    ethereal log to: jin at mediatomb dot org ? Thanks!

    Regarding the response, 401 is indeed suspicious, I am not
    sure if I got it right everywhere with the response codes. I
    have to go through the code again, anyway - thanks for
    pointing that out!

    Just curious, what client are you working with? :>

    Greetings,
    Jin

     
  • Jin

    Jin - 2006-08-13
    • labels: --> UPnP
    • summary: Error when using MySQL --> wrong formatted XML requests are not validated
    • milestone: --> MediaTomb 0.8.1
    • status: open --> open-later
     
  • Jin

    Jin - 2008-09-22
    • status: open-later --> closed-wont-fix
     
  • Jin

    Jin - 2008-09-22

    I guess we'll silently forget about this for the time being :>

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks