Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid language code causes Internal Server Error #881

Closed
slubar opened this issue Sep 20, 2022 · 1 comment · Fixed by #945
Closed

Invalid language code causes Internal Server Error #881

slubar opened this issue Sep 20, 2022 · 1 comment · Fixed by #945
Assignees
@jdaigneau5
Milestone
CVE Services 2.1

Comments

@slubar
Copy link
Contributor

slubar commented Sep 20, 2022

For the POST /api/cve/:id/cna endpoint, setting the description lang to "eng" causes a 500 error. Update this, and all other 500 errors being thrown for failing validation to 400 "bad input" errors. If possible, return additional failure information from the validator

Sample JSON for the container to use for testing:
{"cnaContainer" : {
"descriptions" : [ { "lang" : "eng", "value" : "One more CVE Services test CVE Record post." } ],
"affected" : [ { "versions" : [ { "version" : "1.1.0", "status" : "affected" } ],
"product" : "CVE Services product number two", "vendor" : "MITRE" } ],
"references" : [ { "url" : "http://mitre.org" } ],
"providerMetadata" : { "orgId" : "466e066c-d384-4b8a-8b15-067d9c22c5af",
"shortName" : "mitre",
"dateUpdated" : "2022-04-28T21:30:13.057Z"
}
}}
@slubar slubar added this to the CVE Services 2.1 milestone Sep 20, 2022
@jdaigneau5
Copy link
Collaborator

Look into this package: https://www.npmjs.com/package/bcp47-validate

@jdaigneau5 jdaigneau5 self-assigned this Dec 2, 2022
jdaigneau5 added a commit that referenced this issue Dec 8, 2022
@jdaigneau5
#881 validateCveRecord now returns an object that includes any errors…

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode
ca36845 
… that caused validation to fail. Also returns a 400 error instead of 500
@jdaigneau5 jdaigneau5 mentioned this issue Dec 8, 2022
Merged
jdaigneau5 added a commit that referenced this issue Dec 8, 2022
@jdaigneau5
#881 fixed tests
c723e60
brettp pushed a commit that referenced this issue Dec 9, 2022
@jdaigneau5 @brettp
#881 validateCveRecord now returns an object that includes any errors…
6e939ba 
… that caused validation to fail. Also returns a 400 error instead of 500
brettp pushed a commit that referenced this issue Dec 9, 2022
@jdaigneau5 @brettp
#881 fixed tests
e903a4d
brettp added a commit that referenced this issue Dec 9, 2022
@brettp
Merge pull request #945 from CVEProject/jd-881
d222d08 
Resolves #881 Invalid Cve Schemas Posts and Puts now return a 400 status code and corresponding errors
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jdaigneau5 jdaigneau5

Labels
None yet
Projects
None yet
Milestone
CVE Services 2.1
2 participants
@slubar @jdaigneau5