[sr-dev] Permissions module + database crash bug?
Alex Balashov
abalashov at evaristesys.com
Wed Sep 30 21:05:07 CEST 2009
Henning Westerholt wrote:
> Do you use allow_trusted in caching mode, or does it query the db for
> every invocation? If the latter, i'd take a closer look to the failure
> handling logic in the function, perhaps it lets some variables staying
> in a unclean state after a failure.
Non-caching mode, and by design. The list changes with some frequency.
I understood from the backtrace that the crash was *in* the function
mysql_real_escape_string(), but I did not necessarily assume that means
the problem is with the implementation of that function in the sense of
a "bug."
Perhaps the function should do a better job of validating all input it
receives, yes, but the fundamental problem may be with the way that it's
being invoked by the caller under that particular set of circumstances.
That's assuming the problem has to do with invalid parameters to the
function at all, and not some indirect cause.
I have tried very hard to recreate this problem with a few other modules
that utilise the database and also call standard libmysqlclient
functions (including mysql_real_escape_string(), I would imagine) such
as avpops, and I cannot get it to crash. My only conclusion is that
there has got to be something that the implementation of allow_trusted()
is doing that is a little bit ... special.
-- Alex
--
Alex Balashov - Principal
Evariste Systems
Web : http://www.evaristesys.com/
Tel : (+1) (678) 954-0670
Direct : (+1) (678) 954-0671
More information about the sr-dev
mailing list