Last modified: 2013-07-25 07:03:26 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T50294, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 48294 - ApiUpload.php -- Async chunked upload fails when chunk is of file size but file is stashed
ApiUpload.php -- Async chunked upload fails when chunk is of file size but fi...
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
API (Other open bugs)
1.22.0
All All
: High normal (vote)
: ---
Assigned To: Brad Jorsch
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-09 14:05 UTC by Rainer Rillke @commons.wikimedia
Modified: 2013-07-25 07:03 UTC (History)
6 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Rainer Rillke @commons.wikimedia 2013-05-09 14:05:02 UTC 
Original title:
ApiUpload.php -- Async chunked upload fails when chunk is of file size but file is stashed

Here is what I send to the server:

------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="format"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

json
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="action"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

upload
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="filename"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

' onmouseover='alert("There is a security vulnerable. Please contact the next admin if you see this in a message box.")' target='.png
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="stash"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

1
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="filesize"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

459
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="offset"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

0
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="async"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

1
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="ignorewarnings"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

1
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: attachment; name="chunk"; filename="' onmouseover='alert(-There is a security vulnerable. Please contact the next admin if you see this in a message box.-)' target='.png"
Content-Type: image/png
Content-Transfer-Encoding: binary

PNG

[...]
------------mediawiki.commons.MwJSBot0.5308303697218709
Content-Disposition: form-data; name="token"
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

removed+\
------------mediawiki.commons.MwJSBot0.5308303697218709--

Which gives the following result:
{"servedby":"mw1121","error":{"code":"stashfailed","info":"Chunk assembly already in progress."}}

This is because of line 211 ff. in ApiUpload.php
which does 
$this->dieUsage( "Chunk assembly already in progress.", 'stashfailed' );

At this time, the file is being added to the stash *but* the API user does not get a filekey back! Without that key, publishing the upload or querying the status is not possible.

I suggest either to refuse chunked uploads that only consist of one chunk or returning the result (Poll) from line 214 if the chunk is of the size of the whole file.

This way it will be possible to either publish the upload or it is clear that one-chunk-chunked uploads are not wanted.
Comment 1 Brad Jorsch 2013-05-09 22:17:35 UTC 
Note this is is only reproducible by making multiple chunked uploads in a session, although it's likely that there are other things broken even in the single-upload case.
Comment 2 Gerrit Notification Bot 2013-05-09 22:17:49 UTC 
Related URL: https://gerrit.wikimedia.org/r/63079 (Gerrit Change Idbeab2fd0d801974b610198dcf02c81798f65a0d)
Comment 3 Aaron Schulz 2013-05-17 20:55:09 UTC 
Can this be closed?
Comment 4 Rainer Rillke @commons.wikimedia 2013-05-17 21:23:45 UTC 
Unfortunately it is not solved at Commons yet:
Still getting

{"servedby":"mw1141","error":{"code":"stashfailed","info":"Chunk assembly already in progress."}}

(on first attempt it uploaded successfully and said "poll" but when I checked status, it returned an error)

Also Gerrit Status is "Review in Progress / Need Rebase or Has Dependency". Until it is merged, it should stay open if other users run into this.
Comment 5 Brad Jorsch 2013-05-20 17:11:10 UTC 
(In reply to comment #3)
> Can this be closed?

No, patch is not yet merged.
Comment 6 Gerrit Notification Bot 2013-05-29 17:43:19 UTC 
https://gerrit.wikimedia.org/r/63079 (Gerrit Change Idbeab2fd0d801974b610198dcf02c81798f65a0d) | change APPROVED and MERGED [by jenkins-bot]
Comment 7 Brad Jorsch 2013-05-29 17:56:46 UTC 
Ok, now it's merged. The fix will most likely be deployed to WMF wikis with 1.22wmf6, see https://www.mediawiki.org/wiki/MediaWiki_1.22/Roadmap for the schedule.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links