logicalGroup2 sql exception

Q&A
1

In our environment we are having multiple sql exceptions that reference the column logicalGroup2

Ill share with you a fragment of Bonita BPM logs:

2018-12-10 11:17:46.699 -0500 SEVERE: org.bonitasoft.console.common.server.login.credentials.LoginDatastore Error while logging in the engine API.
2018-12-10 11:19:29.345 -0500 SEVERE: org.bonitasoft.console.common.server.login.credentials.LoginDatastore Error while logging in the engine API.
2018-12-10 11:25:43.065 -0500 SEVERE: org.bonitasoft.console.common.server.login.credentials.LoginDatastore Error while logging in the engine API.
2018-12-10 11:25:53.084 -0500 SEVERE: org.bonitasoft.console.common.server.login.credentials.LoginDatastore Error while logging in the engine API.
2018-12-10 11:32:37.002 -0500 WARNING: org.hibernate.engine.jdbc.spi.SqlExceptionHelper SQL Warning Code: 1292, SQLState: HY000
2018-12-10 11:32:37.003 -0500 WARNING: org.hibernate.engine.jdbc.spi.SqlExceptionHelper Truncated incorrect DOUBLE value: 'The fees from this monetization management will be 5% of the face value of the Bank Guarantee and will be broken down as follows'
2018-12-10 11:32:37.004 -0500 WARNING: org.hibernate.engine.jdbc.spi.SqlExceptionHelper SQL Warning Code: 1366, SQLState: HY000
2018-12-10 11:32:37.004 -0500 WARNING: org.hibernate.engine.jdbc.spi.SqlExceptionHelper Incorrect integer value: 'The fees from this monetization management will be 5% of the face value of the Bank Guarantee and will be broken down as follows' for column 'logicalGroup2' at row 1
2018-12-10 11:32:37.080 -0500 WARNING: org.hibernate.engine.jdbc.spi.SqlExceptionHelper SQL Warning Code: 1292, SQLState: HY000
2018-12-10 11:32:37.081 -0500 WARNING: org.hibernate.engine.jdbc.spi.SqlExceptionHelper Truncated incorrect DOUBLE value: 'The fees from this monetization management will be 5% of the face value of the Bank Guarantee and will be broken down as follows'
2018-12-10 11:32:37.081 -0500 WARNING: org.hibernate.engine.jdbc.spi.SqlExceptionHelper SQL Warning Code: 1366, SQLState: HY000
2018-12-10 11:32:37.081 -0500 WARNING: org.hibernate.engine.jdbc.spi.SqlExceptionHelper Incorrect integer value: 'The fees from this monetization management will be 5% of the face value of the Bank Guarantee and will be broken down as follows' for column 'logicalGroup2' at row 1

As you can see there are multiple logging errors and after that several sql exceptions, we believe this is some kind of attack…? we have no clue about the value that is trying to be inserted in that column.

Given the fact that this is a hibernate exception we believe that this happen after using the Bonita BPM REST API but we are not sure what exact method is being used.

Is there a way to trace the user or the computer that is being used to throw those exceptions? or a way to know what exact method is being used?

Best regards,

2

Hello mzhu,

Regarding the WARNINGS logs, it looks like there is a typing issue because some text is provided instead of a double value: “Truncated incorrect DOUBLE value: ‘The fees from this monetization management will be 5% of the face value of the Bank Guarantee and will be broken down as follows’”. I do not think it is related to the SEVERE logs but you might want to fix this at first in case it is. Could you let us know if the issue still continues after you fix these WARNINGS?

In the meantime, I checked the source code publicly available that raise these logs and it looks like the cause is that the username and/or password is/are ‘null’. This might help you to identify the faulty caller.

Yes, it is possible to debug Bonita at runtime. The Engine runs on a Java application server so you can enable debugging, connect and add break-point(s) at runtime as you would do for any remote Java application.

Cheers,