| Summary | Incorrect return type from cache miss |
| Queue | Horde Framework Packages |
| Queue Version | FRAMEWORK_3 |
| Type | Bug |
| State | Resolved |
| Priority | 1. Low |
| Owners | chuck (at) horde (dot) org |
| Requester | bklang (at) horde (dot) org |
| Created | 01/02/2008 (6518 days ago) |
| Due | |
| Updated | 01/02/2008 (6518 days ago) |
| Assigned | |
| Resolved | 01/02/2008 (6518 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
Assigned to Chuck Hagenbuch
State ⇒ Resolved
State ⇒ Unconfirmed
Priority ⇒ 1. Low
Type ⇒ Bug
Summary ⇒ Incorrect return type from cache miss
Queue ⇒ Horde Framework Packages
is configured to use the MySQL cache backend. While calling
$perms->exists() I see that a cache miss results in an erroneous
$perms result. Fortunately it is a "fail-closed" so no extra
permissions are granted, but the unsuspecting user will not see the
application to which he has been granted.
From framework/Perms/Perms/datatree.php line 139:
$perm = $this->_cache->get('perm_' . $name,
$GLOBALS['conf']['cache']['default_lifetime']);
if ($perm === false) {
$this->_cache->set('perm_' . $name, serialize($perm),
$GLOBALS['conf']['cache']['default_lifetime']);
$permsCache[$name] = $perm;
}
This code expects a cache miss to return a false. Inspection of the
code seems to take some care to ensure this happens (for instance on a
DB error). However the return type for DB::common::getOne() is NULL
if the row does not exist. This causes entries which have not yet
been cached to return a type of NULL. From line 150 of
framework/Cache/Cache/sql.php:
$result = $this->_db->getOne($query, $values);
if (is_a($result, 'PEAR_Error')) {
Horde::logMessage($result, __FILE__, __LINE__, PEAR_LOG_ERR);
return false;
} else {
if ($this->_mc) {
$this->_mc->set($key, $result);
}
return $result;
}
I *think* the correct action here would be to check for a return type
of NULL from getOne() and then return false, indicating a cache miss.
However, I'm not very coherent on the bigger picture for the Cache
system yet, so I'll leave it for discussion here. Did I miss something?
Practical example: In my case I have a module called "site" which has
granted "show/read" perms to Guests. When a guest goes into that app
they are prompted with a login screen. Inserting debug statements
into the code shows that while I have indeed defined a "site"
permission, it is never checked directly because the Perms/datatree
code receives a NULL from the Cache driver.