Mahara

Infinite redirect loop caused by logged out user in usr_session table

Bug #1734194 reported by Robert Lyon
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
Fix Released
Critical
Robert Lyon
Mahara 18.04.0
16.10
Fix Released
Critical
Unassigned
Mahara 16.10.7
17.04
Fix Released
Critical
Unassigned
Mahara 17.04.5
17.10
Fix Released
Critical
Unassigned
Mahara 17.10.1
18.04
Fix Released
Critical
Robert Lyon
Mahara 18.04.0

Bug Description

The USER object contains the id of the user that is logged in and it matches up to the usr_session table so we know which session is matched to what user.

When one is not logged in the USER object has id = 0

If for some reason we end up with usr = 0 in the usr_session table we end up in an infinite loop
because it tries to log out that dummy user but can't

It should never end up in the usr_session table.

So we need to do these things:
1) When saving data to usr_session table never save if user id = 0, instead throw warning
to avoid the problem

2) When reading usr_session data in auth_setup() function to ignore fetching info for usr = 0
to ignore bad data

behatnotneeded

Robert Lyon (robertl-9)
Changed in mahara:
importance: Undecided → Critical
milestone: none → 18.04.0
status: New → In Progress
assignee: nobody → Robert Lyon (robertl-9)
Revision history for this message
Mahara Bot (dev-mahara) wrote : A patch has been submitted for review

Patch for "master" branch: https://reviews.mahara.org/8306

Revision history for this message
Robert Lyon (robertl-9) wrote :

This bug is critical to fix in one sense: that it makes the site unusable with redirect loop

But is non-critical in another sense: that is virtually impossible to replicate under normal circumstances.

So yes we need to fix asap to avoid the problem when one logs in and fills up dataroot at same time causing logged out user to be saved in usr_session table

Revision history for this message
Mahara Bot (dev-mahara) wrote : A change has been merged

Reviewed: https://reviews.mahara.org/8306
Committed: https://git.mahara.org/mahara/mahara/commit/e7191aad045a594e2c3bd83a496accce1a0e7ea3
Submitter: Cecilia Vela Gurovic (<email address hidden>)
Branch: master

commit e7191aad045a594e2c3bd83a496accce1a0e7ea3
Author: Robert Lyon <email address hidden>
Date: Fri Nov 24 08:45:37 2017 +1300

Bug 1734194: Infinite loop site crash if usr = 0 saved in usr_session

The USER object will have id = 0 when a user is logged out

It should never end up in the usr_session table. This patch stops that
from happening and also ignores usr = 0 insession table with setting
up auth as well.

behatnotneeded

Change-Id: I0ba7afe0d21ae822daf8895af943f41048ba82b7
Signed-off-by: Robert Lyon <email address hidden>

Revision history for this message
Mahara Bot (dev-mahara) wrote : A patch has been submitted for review

Patch for "17.10_STABLE" branch: https://reviews.mahara.org/8315

Revision history for this message
Mahara Bot (dev-mahara) wrote :

Patch for "17.04_STABLE" branch: https://reviews.mahara.org/8316

Revision history for this message
Mahara Bot (dev-mahara) wrote :

Patch for "16.10_STABLE" branch: https://reviews.mahara.org/8317

Revision history for this message
Mahara Bot (dev-mahara) wrote : A change has been merged

Reviewed: https://reviews.mahara.org/8315
Committed: https://git.mahara.org/mahara/mahara/commit/5b891a21ce76eadceffae60b35ab8d41351122f5
Submitter: Robert Lyon (<email address hidden>)
Branch: 17.10_STABLE

commit 5b891a21ce76eadceffae60b35ab8d41351122f5
Author: Robert Lyon <email address hidden>
Date: Fri Nov 24 08:45:37 2017 +1300

Bug 1734194: Infinite loop site crash if usr = 0 saved in usr_session

The USER object will have id = 0 when a user is logged out

It should never end up in the usr_session table. This patch stops that
from happening and also ignores usr = 0 insession table with setting
up auth as well.

behatnotneeded

Change-Id: I0ba7afe0d21ae822daf8895af943f41048ba82b7
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit e7191aad045a594e2c3bd83a496accce1a0e7ea3)

Revision history for this message
Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/8316
Committed: https://git.mahara.org/mahara/mahara/commit/756332e941b80146728b4c8b183d9cca74053d99
Submitter: Robert Lyon (<email address hidden>)
Branch: 17.04_STABLE

commit 756332e941b80146728b4c8b183d9cca74053d99
Author: Robert Lyon <email address hidden>
Date: Fri Nov 24 08:45:37 2017 +1300

Bug 1734194: Infinite loop site crash if usr = 0 saved in usr_session

The USER object will have id = 0 when a user is logged out

It should never end up in the usr_session table. This patch stops that
from happening and also ignores usr = 0 insession table with setting
up auth as well.

behatnotneeded

Change-Id: I0ba7afe0d21ae822daf8895af943f41048ba82b7
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit e7191aad045a594e2c3bd83a496accce1a0e7ea3)

Revision history for this message
Mahara Bot (dev-mahara) wrote :

Reviewed: https://reviews.mahara.org/8317
Committed: https://git.mahara.org/mahara/mahara/commit/128c3e765c2e6161b2ca3b2e9904b3f1e2f6d9a3
Submitter: Robert Lyon (<email address hidden>)
Branch: 16.10_STABLE

commit 128c3e765c2e6161b2ca3b2e9904b3f1e2f6d9a3
Author: Robert Lyon <email address hidden>
Date: Fri Nov 24 08:45:37 2017 +1300

Bug 1734194: Infinite loop site crash if usr = 0 saved in usr_session

The USER object will have id = 0 when a user is logged out

It should never end up in the usr_session table. This patch stops that
from happening and also ignores usr = 0 insession table with setting
up auth as well.

behatnotneeded

Change-Id: I0ba7afe0d21ae822daf8895af943f41048ba82b7
Signed-off-by: Robert Lyon <email address hidden>
(cherry picked from commit e7191aad045a594e2c3bd83a496accce1a0e7ea3)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.