Ticket #422 (closed defect: fixed)

Opened 7 years ago

dup key possible in `set_item_confirmations()`

Reported by: dmorton Owned by: dmorton
Priority: high Milestone: 1.0.3
Component: PHP scripts Version: 1.0.2
Severity: normal Keywords:
Cc:

Description

A duplicate key situation is poosible in set_item_confirmations() which

does a string concatenation of "expired" + recipient_id + mail_id. Consider two user ids, 2 and 22, and two mail id's, 7 and 27. This results ina duplicate key for the token field:

 "expired" + "2" + "27" = "expired227"
 "expired" + "22" + "7" = "expired227"

The solution is simple: add a hyphen to separate the id's:

 "expired-" + "2" + "-" + "27" = "expired-2-27"
 "expired-" + "22" + "-" + "7" = "expired-22-7"

In practice, this condition shouldn't happen much, since it involves mail id's that are an order of magnitude different. However, if the process- quarantine.pl script is not being run, a database may fill up and leave enough data to create a conflict.

Change History

Changed 7 years ago by dmorton

  • status changed from new to closed
  • resolution set to fixed

added hphens in [1168]

Note: See TracTickets for help on using tickets.