Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rebuild and repair can lead to malformed grouped JS files #10505

Open
fswebteam opened this issue Aug 21, 2024 · 0 comments · May be fixed by #10507
Open

Rebuild and repair can lead to malformed grouped JS files #10505

fswebteam opened this issue Aug 21, 2024 · 0 comments · May be fixed by #10507
Labels
Priority:Important Issues & PRs that are important; broken functions, errors - there are workarounds Severity: Moderate Key function failed, but no or little impact Status:Fix Proposed A issue that has a PR related to it that provides a possible resolution Type: Bug Bugs within the core SuiteCRM codebase

Comments

@fswebteam
Copy link

Issue

Hello, we recently run into strange issue which caused various errors on the JS grouped scripts. After deeper analysis of these files and comparing them with the properly working files from some backups, we discovered that some parts of the code are repeated and causing issues.
I then spend some time on analysing the entire flow of how these files are gnerated and discovered that there is no any locking mechanism introduced, which can lead to the scenario where multuiple processes can append individual js files into the target JS file in cache.

The problem is in t he ConcatenateFiles function in jssource/minify_utils.php
this function is appending the individual JS files without locking the target file, so the other calls to this function can append the same stuff without any problem.

This wouldn't be a big problem if this can only by triggered from the repair section of the admin panel but unfortunately this can also be fired from the login screen view when the cached version of includes/ajavascript/sugar_grp1.js files is not available.

This is includes\MVC\View\SugarView.php:

        if (!is_file(sugar_cached("include/javascript/sugar_grp1.js"))) {
            $_REQUEST['root_directory'] = ".";
            require_once("jssource/minify_utils.php");
            ConcatenateFiles(".");
        }

so any visitor or bot that is opening the login screen of the CRM while the rebuild and repair process is running can lead to this issue I described.

Possible Fix

  1. Implement file locking, or
  2. build group js file with some unique (per process) temporary name and rename/replace it after it is complete (override existing file if found), or
  3. introduce simple maintenance mode that could block access to the non-admin parts whle rebuild or upgrade is happening

Steps to Reproduce the Issue

1. run rebuild and repair
2. trigger multiple calls to the login screen (like ab tool)
3. verify integrity of the grouped JS files

Context

No response

Version

7.11.18

What browser are you currently using?

Chrome

Browser Version

No response

Environment Information

PHP 7.2.34 and 10.3.38-MariaDB

Operating System and Version

ubuntu 20
@fswebteam fswebteam added the Type: Bug Bugs within the core SuiteCRM codebase label Aug 21, 2024
chris001 added a commit to chris001/SuiteCRM that referenced this issue Aug 22, 2024
@chris001
Fix salesagility#10505 Rebuild and repair can lead to malformed group…
3e676c8 
…ed JS files

Make other processes (web users) wait to read the grouped JS files until AFTER they're completely concatenated and written out to disk.
@chris001 chris001 linked a pull request Aug 22, 2024 that will close this issue
Open
6 tasks
@johnM2401 johnM2401 added Status:Fix Proposed A issue that has a PR related to it that provides a possible resolution Priority:Important Issues & PRs that are important; broken functions, errors - there are workarounds Severity: Moderate Key function failed, but no or little impact labels Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Priority:Important Issues & PRs that are important; broken functions, errors - there are workarounds Severity: Moderate Key function failed, but no or little impact Status:Fix Proposed A issue that has a PR related to it that provides a possible resolution Type: Bug Bugs within the core SuiteCRM codebase
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix #10505 Rebuild and repair can lead to malformed grouped JS files chris001/SuiteCRM
2 participants
@johnM2401 @fswebteam