Skip to content

PdoSessionHandler: fix advisory lock for pgsql #24367

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 29, 2017
Merged

PdoSessionHandler: fix advisory lock for pgsql #24367

merged 1 commit into from
Sep 29, 2017

Conversation

Tobion
Copy link
Contributor

@Tobion Tobion commented Sep 28, 2017
edited
Loading

when session.sid_bits per_character > 4 the session id can contain non-hex-characters which will be ignored by hexdec. this can potentially result in collisions on the lock key from different sessions, e.g. the session ids aagh and aaij would have the same pgsql lock because hexdec('aagh') === hexdec('aaij')

Q A
Branch? 2.7
Bug fix? yes
New feature? no
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #24095
License MIT
Doc PR

@Tobion Tobion changed the title PdoSessionHandler: fix advisory lock for pgsql when session.sid_bits_… PdoSessionHandler: fix advisory lock for pgsql Sep 28, 2017
@fabpot
Copy link
Member

fabpot commented Sep 29, 2017

Thank you @Tobion.

@fabpot fabpot merged commit 0f0a6e8 into symfony:2.7 Sep 29, 2017
fabpot added a commit that referenced this pull request Sep 29, 2017
@fabpot
bug #24367 PdoSessionHandler: fix advisory lock for pgsql (Tobion)
5bbec9c 
This PR was merged into the 2.7 branch.

Discussion
----------

PdoSessionHandler: fix advisory lock for pgsql

when session.sid_bits per_character > 4 the session id can contain non-hex-characters which will be ignored by hexdec. this can potentially result in collisions on the lock key from different sessions, e.g. the session ids `aagh` and `aaij` would have the same pgsql lock because `hexdec('aagh') === hexdec('aaij')`

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no <!-- don't forget updating src/**/CHANGELOG.md files -->
| BC breaks?    | no
| Deprecations? | no <!-- don't forget updating UPGRADE-*.md files -->
| Tests pass?   | yes
| Fixed tickets | #24095
| License       | MIT
| Doc PR        |

Commits
-------

0f0a6e8 PdoSessionHandler: fix advisory lock for pgsql when session.sid_bits_per_character > 4
@Tobion Tobion deleted the fix-pdo-session-advisory-lock-bits-per-char branch September 29, 2017 01:01
This was referenced Oct 5, 2017
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Bug Status: Needs Review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Tobion @fabpot @carsonbot