Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fail if unserialize is unable to parse output of child process #230

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Fail if unserialize is unable to parse output of child process #230

wants to merge 5 commits into from

Conversation

MarcHagen
Copy link

@MarcHagen MarcHagen commented Aug 28, 2024
edited
Loading

In ParallelProcess in getOutput() is checked if the unserialize is successful.
When it fails, is sets the errorOutput to the process output.

async/src/Process/ParallelProcess.php

Lines 71 to 75 in c270e69

$this->output = @unserialize(base64_decode($processOutput));
if (! $this->output) {
$this->errorOutput = $processOutput;
}

But this is not validated anymore because the check is already passed.

async/src/Process/ProcessCallbacks.php

Lines 35 to 50 in c270e69

public function triggerSuccess()
{
if ($this->getErrorOutput()) {
$this->triggerError();
return;
}
$output = $this->getOutput();
foreach ($this->successCallbacks as $callback) {
call_user_func_array($callback, [$output]);
}
return $output;
}

Moving the getOutput() before the error output check will ensure all error output cases are handled properly.

Adding extra checks on the output of the child processes, we can ensure the output of the task is not false or null, falsely triggering the errorOutput.
By changing the ChildRuntime output to a predictable array ensures we can check if something is wrong with parsing the child processes output.

@MarcHagen MarcHagen changed the title Fail if unserialize is unable to parse output Fail if unserialize is unable to parse output of child process Aug 28, 2024
MarcHagen and others added 4 commits August 29, 2024 13:37
@MarcHagen
Add test to verify STDOUT unserialization is successful
f160ce5
@MarcHagen
Fail if unserialize is unable to parse output
b9dec08 
In `ParallelProcess` in `getOutput()` is checked if the `unserialize` is successful. 
When it fails, is sets the `errorOutput` to the process output. 
But this is not validated anymore because the check is already passed.
Moving the `getOutput()` before the error output check will ensure all error output cases are handled properly.
@MarcHagen
Make own output from the child process so we can check on it
7a0b08c
@MarcHagen
Catch php://output and add to output.
ac545b6 
Any writes to `php://stdout` will break the unserialization of child process results
@MarcHagen
Fix child test (should have never worked)
bc87ce6 
But it did because the child process output was "childTjs=" but this is incorrect and cannot be unserialized.
@spatie-bot
Copy link

Dear contributor,

because this pull request seems to be inactive for quite some time now, I've automatically closed it. If you feel this pull request deserves some attention from my human colleagues feel free to reopen it.

@spatie-bot spatie-bot closed this Dec 30, 2024
@MarcHagen
Copy link
Author

@spatie-bot your human colleagues seem not to care, either do you by not poking them first.

@freekmurze freekmurze reopened this Dec 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MarcHagen @spatie-bot @freekmurze