[Phalcon 1.3.0] Unable de overwrite Cookie => Segmentation Fault

Question

[Phalcon 1.3.0] Unable de overwrite Cookie => Segmentation Fault

jimjim2a Mar '14

Created Mar '14	Last Reply Oct '14	Replies 4	Views 991	Votes 0

jimjim2a 3.2k

Mar '14

Hello everyone,

thanks to the great job you're doing. I started developing with Phalcon 3 months ago, and i really love it.

Since this morning and the upgrade to Phalcon 1.3.0 the following issue appears everytime I want to overwrite a cookie :

if I do this :

$cookies = $this->getDI()->getCookies();
$cookies->set("mycookie", "test", time() + 3600, "/");

If there was no cookie before this, everything is fine. But if there is already a cookie the overwrite makes Apache crash. (502 error).

I precise that cookie encryption is disabled.

Wed Mar 19 18:00:22.834263 2014] [core:notice] [pid 8164] AH00052: child pid 13422 exit signal Segmentation fault (11)

The environment is Linux Debian, Apache 2.4.7, PHP 5.5.8.

Again, thanks a lot !

Phalcon · Answer 1 · 2014-03-19T11:04:12-07:00

I'm not able to reproduce this, I have used these scenarios, all of them are working:

1) Cookies without session without encryption:

<?php

$di = new \Phalcon\DI\FactoryDefault();

$di['cookies'] = function() {
    $cookies = new Phalcon\Http\Response\Cookies();
    $cookies->useEncryption(false);
    return $cookies;
};

class X extends \Phalcon\DI\Injectable
{
    public function x()
    {
        $cookies = $this->getDI()->getCookies();
        $cookies->set("mycookie", "test", time() + 3600, "/");
    }
}

$x = new X;
$x->setDI($di);
$x->x();

$di['cookies']->send();

var_dump($_COOKIE);

Running here: https://phosphorum.com/test2.php

2) Cookies with session without encryption:

<?php

$di = new \Phalcon\DI\FactoryDefault();

$di['session'] = function() {
    $session = new \Phalcon\Session\Adapter\Files();
    $session->start();
    return $session;
};

$di['cookies'] = function() {
    $cookies = new Phalcon\Http\Response\Cookies();
    $cookies->useEncryption(false);
    return $cookies;
};

class X extends \Phalcon\DI\Injectable
{
    public function x()
    {
        $cookies = $this->getDI()->getCookies();
        $cookies->set("mycookie", "test", time() + 3600, "/");
    }
}

$x = new X;
$x->setDI($di);
$x->x();

$di['cookies']->send();

var_dump($_SESSION);
var_dump($_COOKIE);

Running here: https://phosphorum.com/test3.php

2) Cookies with session with encryption:

<?php

$di = new \Phalcon\DI\FactoryDefault();

$di['session'] = function() {
    $session = new \Phalcon\Session\Adapter\Files();
    $session->start();
    return $session;
};

$di['cookies'] = function() {
    $cookies = new Phalcon\Http\Response\Cookies();
    return $cookies;
};

$di['crypt'] = function() {
        $crypt = new Phalcon\Crypt();
        $crypt->setKey('.1dj8$=dp?.ak//j1V$');
        return $crypt;
};

class X extends \Phalcon\DI\Injectable
{
    public function x()
    {
        $cookies = $this->getDI()->getCookies();
        $cookies->set("mycookie", "test", time() + 3600, "/");
    }
}

$x = new X;
$x->setDI($di);
$x->x();

$di['cookies']->send();

var_dump($_SESSION);
var_dump($_COOKIE);

Running here: https://phosphorum.com/test4.php

You may need to close and reopen the browser to see them running independtly.

Could you please post a full test that reproduce the problem?

jimjim2a · Answer 2 · 2014-03-19T11:38:13-07:00

Of course ! Thanks for your response !

Tomorrow morning i'll perform the 3 tests you posted and post here the relative results!

Have a nice evening

jimjim2a · Answer 3 · 2014-03-20T01:33:25-07:00

Good Morning all !

Problem solved !

In my authentication process until 1.3.0 I was fetching cookie value (using cookies service) by just doing :

$myCookieVal = $cookies->get('mycookie');

And this morning I realized that the proper way to get cookie value is doing this :

$myCookieVal = $cookies->get('mycookie')->getValue();

And everything's right ! I don't know why the first syntax worked before the upgrade anyway.

Dylan Anderson · Answer 4 · 2014-03-20T08:53:53-07:00

If you can reliably cause a segmentation fault, you should file this as a bug anyway. While you were doing something incorrectly, nothing you do should ever cause a segmentation fault.

Lewiz · Answer 5 · 2014-10-28T18:52:01-07:00

There was definetly a segmentation fault relating to cookies and authentication on 1.3.0. I was getting a segmentation fault when trying to login on a Wordpress blog and in the end it was phalcon's fault (why, I don't know, maybe someone could explain it). I updated the extention and the problem went away. Just letting this comment as an advice!

Thien Tran · Answer 6 · 2014-10-28T20:18:49-07:00

This mean path store session do not permission overwrite, you must to set permission for it or change path, for example if you using Nginx

; Default Value: nothing is defined by default except the values in php.ini and
;                specified at startup with the -d argument
;php_admin_value[sendmail_path] = /usr/sbin/sendmail -t -i -f [email protected]
;php_flag[display_errors] = off
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M

; Set session path to a directory owned by process user
php_value[session.save_handler] = files
php_value[session.save_path]    = /tmp
php_value[soap.wsdl_cache_dir]  = /var/lib/php/wsdlcache

In example above I change default path /var/lib/session/ to be /tmp. Also you can chmod it

sudo chown nginx:nginx -R /var/lib/session && chmod 777 /var/lib//session