Parameter "path" causes "500 Internal Server Error" on Commits REST endpoint

XMLWordPrintable

    • Type: Bug
    • Resolution: Duplicate
    • Priority: Low
    • None
    • Affects Version/s: 7.6.1
    • Component/s: API - REST
    • Severity 3 - Minor

      'path' parameter is not properly filtered in Rest API endpoint /rest/api/1.0/projects/{project_name}/repos/{repo_name}/commits, causing 500 internal server error. This is probably because that 'path' parameter is not properly filtered. The error can be reproduced by either of the following methods: (note in both cases the extra single quote at the end)

      1. GET request on: BITBUCKET_BASE_URL/rest/api/1.0/projects/{TEST}/repos/{test}/commits/test_string' or;
      2. GET request on: BITBUCKET_BASE_URL/rest/api/1.0/projects/{TEST}/repos/{test}/commits
        with parameters {"path": "test_string'"}

      Error message:

      /usr/bin/git rev-list --format=%H%x02%P%x02%aN%x02%aE%x02%at%x02%cN%x02%cE%x02%ct%n%B%n%x03END%x04 -1 test_string''' exited with code 128 saying: fatal: bad revision 'test_string'''\",\"exceptionName\":\"com.atlassian.bitbucket.scm.CommandFailedException\"

              Assignee:
              Unassigned
              Reporter:
              Deng Gelei
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: