Bug #27476 for Apache-Session: [PATCH] unserialize failures

Thu Jun 07 01:35:13 2007 rick [...] bort.ca - Ticket created

Subject:	[PATCH] unserialize failures
Date:	Thu, 7 Jun 2007 01:34:37 -0400
To:	bugs-Apache-Session [...] rt.cpan.org
From:	Rick Delaney <rick [...] bort.ca>

Storable::thaw() returns undef for certain kinds of failures instead of exceptions. For example, use Storable qw(nfreeze thaw); my $x = nfreeze([0]); chop $x; print "undef\n" unless defined thaw($x); This can lead to silent session-dropping which is very hard to debug. My problem was when trying to restore a large session using the MySQL Store. The session was truncated because I only used a BLOB field when I needed a LONGBLOB. Because of this, the session data was set to undef by unserialize (resulting in sending users back to the login screen). I'd guess that DB_File would suffer from this for large sessions, too. I've attached a patch to the Serialize classes which raises an exception when Storable::thaw() returns undef. Please consider it for your next release. Thanks, -- Rick Delaney rick@bort.ca

Message body is not shown because sender requested not to inline it.

Sun Jul 29 22:18:33 2007 mark [...] aufflick.com - Correspondence added

From:

mark [...] aufflick.com

I second this request - I've been manually making this patch for years (just never gotten around to submitting it...)

Sun Jul 29 22:18:34 2007 The RT System itself - Status changed from 'new' to 'open'

Fri Aug 03 18:57:25 2007 CHORNY [...] cpan.org - Correspondence added

1.83_01 has this patch applied. -- Alexandr Ciornii, http://chorny.net

Fri Aug 03 18:57:52 2007 CHORNY [...] cpan.org - Taken

Tue Oct 02 18:41:28 2007 CHORNY [...] cpan.org - Status changed from 'open' to 'resolved'

Tue Oct 02 18:41:29 2007 CHORNY [...] cpan.org - Fixed in 1.83_01 added