Page MenuHomePhorge

Fix PHP 8.1 "strlen(null)" exception setting Story Points on a Task
ClosedPublic

Authored by aklapper on May 12 2023, 21:21.

Details

Summary

strlen() was used in Phabricator to check if a generic value is a non-empty string.
This behavior is deprecated since PHP 8.1. Here we adopt phutil_string_cast() to
reply to the question "is this an empty string?".

Note: this may highlight other absurd input values that might be worth correcting
instead of just ignoring. If phutil_string_cast() throws an exception in your
instance, report it to Phorge to evaluate and fix that specific corner case.

Closes T15390

Test Plan

Enable maniphest.points in settings, for example with:

./bin/config set maniphest.points --stdin <<< '{"enabled":true}'

Then try to create a Task: it does not explode anymore in PHP 8.1+.

Also try to set various possible values from the Conduit API method "maniphest.edit".

Diff Detail

Repository
rP Phorge
Branch
changePoints (branched from master)
Lint
Lint Passed
Unit
Tests Passed
Build Status
Buildable 405
Build 405: arc lint + arc unit

Event Timeline

lol, maybe makes more sense just to remove this three lines instead of blindly replacing a function call? :P

I was a bit suspicious about Conduit API possibilities (https://we.phorge.it/conduit/method/maniphest.edit/) and I was able to cause a crash with a numerical point like 2 via JSON:

echo '{
  "transactions": [
    {
      "type": "points",
      "value": 2
    }
  ],
  "objectIdentifier": "T1"
}' | arc call-conduit --conduit-uri http://phorge.localhost/ --conduit-token "<yourtoken>" -- maniphest.edit

Hoping to be useful I will amend with a proposal fix

This revision now requires changes to proceed.May 20 2023, 15:47

applied a proposed amend after discussing with the kind @aklapper

valerio.bozzolan retitled this revision from Fix PHP 8.1 "strlen(null)" exception setting story points on a task to Fix PHP 8.1 "strlen(null)" exception setting Story Points on a Task.May 20 2023, 16:01
valerio.bozzolan edited the summary of this revision. (Show Details)
valerio.bozzolan edited the test plan for this revision. (Show Details)

Thanks for this patch and for our live ping-pong

I tested like in the meme "A software tester walks into a bar" through the API conduit, ordering an integer, a lizard, etc. No nuclear implosions. But probably a real customer will ask to go to the toilet, causing an implosion at the subatomic level.

sgtm

This revision is now accepted and ready to land.May 20 2023, 16:07

add a bit of inline documentation with what I've understood so far