[sr-dev] Permissions module + database crash bug?

[Henning Westerholt]

On Mittwoch, 30. September 2009, Alex Balashov wrote:
> > Do you use allow_trusted in caching mode, or does it query the db for
> > every invocation? If the latter, i'd take a closer look to the failure
> > handling logic in the function, perhaps it lets some variables staying
> > in a unclean state after a failure.
>
> Non-caching mode, and by design.  The list changes with some frequency.
>
> I understood from the backtrace that the crash was *in* the function
> mysql_real_escape_string(), but I did not necessarily assume that means
> the problem is with the implementation of that function in the sense of
> a "bug."

Hi Alex,

yes, perhaps i expressed myself a bit unclear.

> Perhaps the function should do a better job of validating all input it
> receives, yes, but the fundamental problem may be with the way that it's
> being invoked by the caller under that particular set of circumstances.
>   That's assuming the problem has to do with invalid parameters to the
> function at all, and not some indirect cause.

This is also my opinion.

> I have tried very hard to recreate this problem with a few other modules
> that utilise the database and also call standard libmysqlclient
> functions (including mysql_real_escape_string(), I would imagine) such
> as avpops, and I cannot get it to crash.  My only conclusion is that
> there has got to be something that the implementation of allow_trusted()
> is doing that is a little bit ... special.

I also suspect this, as i don't get this behaviour so far in similar test/ 
production scenarios.

Henning
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20091001/c9b1ffc1/attachment.htm>