Launchpad itself

IntegrityError raised filing a bug using the email interface

Bug #595166 reported by Diogo Matsubara on 2010-06-16

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Launchpad itself	Fix Released	Critical	Aaron Bentley

Bug Description

As seen on OOPS-1626CEMAIL4 an IntegrityError: duplicate key value violates unique constraint "bugnotification__bug__message__unq" was raised when the user tried to file a new bug report using the email interface.

Tags:

Related branches

lp:~abentley/launchpad/duplicate-msgid

Merged into lp:launchpad at revision 13139

Robert Collins (community): Needs Fixing on 2011-05-30

Abel Deuring (community): Approve (code) on 2011-05-27

lp:~abentley/launchpad/no-dedup

Merged into lp:launchpad at revision 13148

Robert Collins (community): Approve on 2011-05-31

Graham Binns (gmb) on 2010-06-23

Changed in malone:
importance:	Undecided → High
status:	New → Triaged

Revision history for this message

Curtis Hovey (sinzui) wrote on 2010-10-19:

This is also bug 659184

Robert Collins (lifeless) on 2011-01-12

Changed in launchpad:
importance:	High → Critical

Revision history for this message

Robert Collins (lifeless) wrote on 2011-01-12:

From the dup: """"curtis says: The message is spam. It was sent from a compromised email account:
https://answers.launchpad.net/launchpad-registry/+question/130282

The violation is question.id and message.id. The rfc822msgid was reused in the spam attack.

The AnswerTrackerHandler.process() method, uses messageset.fromEmail() to create a message object, but fromEmail() is also a lookup method. Since the rfc822msgid was reused, the first attack message was retrieved instead of creating a new one. Question.addComment() failed because the message associated with rfc822msgid already exists. fromEmail() is used by both the answers and the bug handlers and both assume the message was created.

Both answers and bugs mail processes could trying looking up the message by rfc822msgid first or verify the message is not already linked. I suppose the latter is preferable since this kind of attack is rare."""

Curtis Hovey (sinzui) on 2011-05-17

tags:

added: easy

Aaron Bentley (abentley) on 2011-05-27

Changed in launchpad:
assignee:	nobody → Aaron Bentley (abentley)
status:	Triaged → In Progress

Revision history for this message

Launchpad QA Bot (lpqabot) wrote on 2011-05-30:

Fixed in stable r13139 <http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/13139>.

tags:	added: qa-needstesting
Changed in launchpad:
status:	In Progress → Fix Committed

William Grant (wgrant) on 2011-05-31

tags:

added: bad-commit-13139 qa-bad
removed: qa-needstesting

William Grant (wgrant) on 2011-06-01

Changed in launchpad:
status:	Fix Committed → In Progress

Revision history for this message

Launchpad QA Bot (lpqabot) wrote on 2011-06-02:

Fixed in stable r13148 <http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/13148>.

tags:	added: qa-needstesting removed: qa-bad
Changed in launchpad:
status:	In Progress → Fix Committed

Aaron Bentley (abentley) on 2011-06-03

tags:

added: qa-untestable
removed: qa-needstesting

William Grant (wgrant) on 2011-06-07

Changed in launchpad:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #659184

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.