Subject: | PostgreSQL Driver can cause crashes if database is missing information |
When using the PostgreSQL driver, CGI::Session will attempt to deserialize an undefined value if the database does not contain the session key specified. This can cause some serializers (such as FreezeThaw) to return a structure instead of undef, resulting in problems further down the line (eg; an undefined 'id' value in the session object).
I have attached a small patch that fixes this problem.
Cheers,
Tyler
Change 140121 by tylerm@tylerm-pipewrench on 2005/04/26 16:23:44
fix a small bug in CGI::Session
rq=tylerm - note to self, submit this to CPAN
Affected files ...
... //depot/main/Appliance/src/pmx/cpan-packages/CGI-Session/Session/PostgreSQL.pm#2 edit
Differences ...
==== //depot/main/Appliance/src/pmx/cpan-packages/CGI-Session/Session/PostgreSQL.pm#2 (text) ====
@@ -114,7 +114,11 @@
$self->error("Couldn't acquire data on id '$sid'");
return undef;
}
- return $self->thaw($data);
+ if($data) {
+ return $self->thaw($data);
+ } else {
+ return;
+ }
}