timja / jenkins-gh-issues-poc-06-18


[JENKINS-32349] Entering a newline in a Label description makes "slave" matrix axis unavailable #7760

Open timja opened 8 years ago

timja commented 8 years ago

Problem
If a newline is present in a Label description (), the matrix job configuration "Slaves" option will not be selectable (jenk3-slaves-problem.png). No error is seen in the log files.

To reproduce
1). Create a Jenkins slave (if needed). Add a label to that slave MY_LABEL. Edit the label's description as follows:

 "This is 
a newline in the description"

2). Create a new Multi-configuration project
3). Attempt to add a "Slaves" axis. The expected dropdown will not appear and it won't be possible to add a Slaves axis.

Possible cause
In (JENKINS_HOME)/labels/label.xml, the tags and must be on the same line. The newline in the description adds a newline before the tag above, which seems to cause the matrix job problem as described above. Please see attachments for an example.

Workaround
Avoid newlines in the Label description. HTML is permissible there.
Simple guideline: do not enter a newline when making a label description. One MAY use html
and other HTML tags.

Good:

This is my name,
Matt

Bad:

This is my name,
this issue>
Matt 

Originally reported by mmlegra, imported from: Entering a newline in a Label description makes "slave" matrix axis unavailable
  • assignee: kohsuke
  • status: Open
  • priority: Minor
  • resolution: Unresolved
  • imported: 2022/01/10
timja commented 8 years ago

cwalther:

I just ran into this as well on Jenkins 1.646. It seems to me that the reason is that the hudson.Functions.jsStringEscape() function (https://github.com/jenkinsci/jenkins/blob/ac566a91e44e3482083355bd5cde3cf65610c4a3/core/src/main/java/hudson/Functions.java#L1333 called from hudson.matrix.LabelAxis.DescriptorImpl.buildLabelCheckBox() called from matrix-project-plugin/src/main/resources/hudson/matrix/LabelAxis/config.jelly) does not escape newlines, so that executing the generated JavaScript code fails with a syntax error. The following patch might therefore fix it (I have not tested this however and don’t have time to):

diff --git a/core/src/main/java/hudson/Functions.java b/core/src/main/java/hudson/Functions.java
index 188412b..dd74ada 100644
--- a/core/src/main/java/hudson/Functions.java
+++ b/core/src/main/java/hudson/Functions.java
@@ -1344,6 +1344,9 @@ public class Functions {
     case '"':
 buf.append("\\\"");
 break;
+    case '\n':
+buf.append("\\n");
+break;
     default:
 buf.append(ch);
     }
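Review bot: The added case covers only '\n', so a '\r' in the description still falls through to the default branch and is appended raw. A carriage return also terminates a JavaScript string literal, and multi-line form input normally arrives as CRLF, so the generated script can still fail to parse. Add a matching `case '\r': buf.append("\\r"); break;`, consider U+2028 and U+2029 for older engines, and indent the new lines like the neighbouring cases. Since the patch is described as untested, a unit test calling jsStringEscape with "a\r\nb" would pin the behaviour.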

However, maybe showing only the first line of the description would be better – something like this (not tested either):

diff --git a/src/main/java/hudson/matrix/LabelAxis.java b/src/main/java/hudson/matrix/LabelAxis.java
index de8b6d1..672cad7 100644
--- a/src/main/java/hudson/matrix/LabelAxis.java
+++ b/src/main/java/hudson/matrix/LabelAxis.java
@@ -79,7 +79,7 @@ public class LabelAxis extends Axis {
 Functions.htmlAttributeEscape(la.getName()))
    +String.format("+has(%s)+",jsstr(la.getName()))
    +jsstr("/>>%s (%s)",
-la.getName(),la.getDescription());
+la.getName(),la.getDescription().split("[\\r\\n]", 2)[0]);
     // '${h.jsStringEscape('"checkbox" name="values" json="'+h.htmlAttributeEscape(l.name)+'" ')}'+has("${h.jsStringEscape(l.name)}")+'${h.jsStringEscape('/>')}'
 }
     }
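Review bot: The changed argument `la.getDescription().split("[\\r\\n]", 2)[0]` dereferences the description, while the removed line passed it straight to the format call; if getDescription() can return null for a label without a description, building the checkbox now throws instead of rendering. Guard the null case before splitting. Truncating here also fixes only this call site: the jsStringEscape calls shown in the context comment would still pass a newline through for any other value, so this works better alongside the escaping fix than as a replacement for it.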
timja commented 8 years ago

tom_ghyselinck:

Hi all,

Any update on this?

Not a major issue, but it makes our label descriptions hard to edit...

With best regards,
Tom.

timja commented 7 years ago

christophlinder:

Might not be just newlines but also special characters (e.g.: German umlauts like 'ü')

timja commented 4 years ago

b_brueckmann:

We just ran across this issue.

Reproduced: German umlauts like ü are not a problem

Reproduced: new lines are the problem

Furthermore, a "corrupted" label destroys the configuration of a job if one saves the job (without any change by the user). Steps to repeat for this:

timja commented 3 years ago

alex01ves:

Just encountered this. Problem is very easy to solve when you know what to look for, but for a large configuration with many administrators it is a total mystery: someone updates a label description (which is perceived as a safe enough action), and another admin is unable to set labels anymore the next day. 
As described in the previous comment, this leads to broken jobs when you save an existing multi-config job.

timja commented 3 years ago

christophlinder:

Since this bug is triggered javascript eval() (security anyone?) plus some breakage occurs (config messed up if saved, see above):

is this really a "minor" bug?
I suggest raising its severity to "major"
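
The failure diagnosed earlier in the thread (an escaper that leaves newlines alone, feeding generated JavaScript) can be reproduced in isolation. This is an added example, not part of the thread and not Jenkins code: `naiveEscape`, `escapeJsString`, `roundTrip` and the sample descriptions are constructed for illustration, and the JavaScript engine itself is used to check whether each escaped value still parses as a string literal.

```javascript
// Added example: constructed input, not Jenkins code.
// Stand-in for an escaper that, as described in the thread, handles quotes
// but passes line terminators through unchanged.
function naiveEscape(s) {
  return s.replace(/\\/g, "\\\\").replace(/"/g, '\\"').replace(/'/g, "\\'");
}

// Hardened variant: also escapes every character that can end a string
// literal early (LF, CR, and U+2028/U+2029 for pre-ES2019 engines).
const ESCAPES = {
  "\\": "\\\\", '"': '\\"', "'": "\\'",
  "\n": "\\n", "\r": "\\r", "\u2028": "\\u2028", "\u2029": "\\u2029",
};
function escapeJsString(s) {
  return s.replace(/[\\"'\n\r\u2028\u2029]/g, (ch) => ESCAPES[ch]);
}

// Embed the escaped text in a double-quoted literal and let the engine parse
// it. Returns the decoded string, or null when the source is a syntax error.
function roundTrip(escaped) {
  try {
    return new Function('return "' + escaped + '";')();
  } catch (e) {
    if (e instanceof SyntaxError) return null;
    throw e;
  }
}

// Constructed label descriptions; the second mimics a textarea submit (CRLF).
const samples = [
  "single line",
  "This is\r\na newline in the description",
  'quote " and backslash \\',
];
for (const d of samples) {
  console.log(JSON.stringify(d),
    "naive:", roundTrip(naiveEscape(d)) === d ? "ok" : "SyntaxError/mismatch",
    "hardened:", roundTrip(escapeJsString(d)) === d ? "ok" : "FAIL");
}
```

Only the multi-line sample fails with the naive escaper, which matches the symptom reported here: the script never runs, so the axis dropdown silently does not appear.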