EDI: fetch can crash if file it's fetching zero-length

Bug #1667835 reported by Galen Charlton on 2017-02-24
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Evergreen
Undecided
Unassigned
2.10
Undecided
Unassigned
2.11
Undecided
Unassigned

Bug Description

Because of what appears to be an unfortunate interaction between Net::FTP 2.79, IO::Scalar 2.110, and Perl 5.20, if an EDI message provider supplies a zero-length file to retrieve via FTP, edi_fetcher.pl can crash with an error like this:

1 of X targets: ftp://example.com/out/zero_length_file.response
Use of uninitialized value $filename in concatenation (.) or string at /usr/local/share/perl/5.20.2/OpenILS/Utils/RemoteAccount.pm line 619.
Can't use an undefined value as an ARRAY reference at /usr/local/share/perl/5.20.2/OpenILS/Application/Acq/EDI.pm line 187.

This of course breaks retrieving and processing any other EDI message files that may be available.

Despite the specific versions listed above, it's not clear to me if other versions are problematic, but the patch I'm writing shouldn't get in the way if other combinations of Net::FTP, IO::Scalar, and Perl versions don't have the problem.

Evergreen 2.10+

Galen Charlton (gmc) wrote :

A patch is available in the user/gmcharlt/lp1667835_edi_fetcher_meets_zero branch:

git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/gmcharlt/lp1667835_edi_fetcher_meets_zero

tags: added: acq edi pullrequest
Changed in evergreen:
status: New → Confirmed
milestone: none → 2.next
Jason Stephenson (jstephenson) wrote :

We've been using this in production for a week at C/W MARS with no issues.

I've added my signoff and pushed to master, rel_2_11, and rel_2_10.

Thanks, Galen and Chris!

Changed in evergreen:
status: Confirmed → Fix Committed
Ben Shum (bshum) on 2017-03-04
Changed in evergreen:
milestone: 2.next → 2.12-rc
Changed in evergreen:
status: Fix Committed → Fix Released
no longer affects: evergreen/2.12
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers