Uploaded image for project: 'Jira Align'
  1. Jira Align
  2. JIRAALIGN-3018

Searching portfolio names in ProgramGrid.asp renders a Whoops error page (Incorrect Syntax or Invalid column name)

    XMLWordPrintable

Details

    • 1
    • Severity 3 - Minor
    • No

    Description

      Issue Summary

      ProgramGrid.asp is throwing a Whoops error page due to exceptions when searching Portfolio names.
      The exceptions are of types:

      • Incorrect syntax near '<string>'.
      • Invalid column name '<string>'.

      Steps to Reproduce

      1. Browse to Portfolios Setup (ProgramsGrid.asp) page
      2. Type in the portfolio name in the Search box
      3. Click the magnifying glass to execute search
      • Notice the Whoops error page (and corresponding "/Error?er=<errId>" URL)

      Expected Results

      • Search results are displayed and no Whoops errors whatsoever

      Actual Results

      • A Whoops error page is thrown
      • The following exceptions can be seen in Splunk:
      { [-]
   ASP_function: OOFunctionsSql.SetRSParamsCursor
   correlationid: BViZwTcdUO5yNWUlxl/a1BAMT0cLtDHsP/4nIa5thJU=
   customer_db: instance
   error_description: Incorrect syntax near '<string>'.
   error_id: 52108
   error_number: -2147217900
   error_source: Microsoft SQL Server Native Client 11.0
   log_type: exception
   logfrom_location: Website-ASP
   sql: EXEC RPM_GET_PROGRAM_LIST 30, 1, N' AND (...) And Description   like N''%%''))','p.ProgramID Desc', N'2324',30
   timestamp: 2021-04-05T09:43:48.375000-04:00
   url: https://instance.jiraalign.com:443/ProgramGrid.asp
   urlverb: POST
   user: 2324
   version: 10.90.0.16500
}
      { [-]
   ASP_function: OOFunctionsSql.SetRSParamsCursor
   correlationid: IqzBNvT1ihWdOVGImB4cuAR+LYsbc87cV9tQ12LB1rc=
   customer_db: instance
   error_description: Invalid column name '<string>'.
   error_id: 52106
   error_number: -2147217900
   error_source: Microsoft SQL Server Native Client 11.0
   log_type: exception
   logfrom_location: Website-ASP
   sql: EXEC RPM_GET_PROGRAM_LIST 30, 1, N' AND (...) And Description   like N''%ES%''))','p.ProgramID Desc', N'2324',30
   timestamp: 2021-04-05T09:42:49.335000-04:00
   url: https://instance.jiraalign.com:443/ProgramGrid.asp
   urlverb: POST
   user: 2324
   version: 10.90.0.16500
}

      Workaround

      • Currently there is no known workaround for this behavior. A workaround will be added here when available.

      Attachments

        1. Not_repro_10.91.mp4
          2.78 MB
        2. Not_repro_10.93.mp4
          2.67 MB

        Issue Links

          mentioned in

          Page Loading...

          Page Loading...

          resolves

          ALIGNSP-8727 Loading...

          Activity

            People

              kforeman@atlassian.com Kyle Foreman
              rcortez@atlassian.com Rodrigo Cortez
              Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Backbone Issue Sync