Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

mb_substr() should be used on strings, if available (2.0 and master branches) #727

Closed
mfb opened this issue Dec 12, 2018 · 5 comments · Fixed by #774
Closed

mb_substr() should be used on strings, if available (2.0 and master branches) #727

mfb opened this issue Dec 12, 2018 · 5 comments · Fixed by #774

Comments

@mfb
Copy link
Contributor

mfb commented Dec 12, 2018
edited
Loading

There are places in the 2.0 and master branches where strings are truncated using substr(), which results in invalid UTF-8 if a multibyte character is truncated. Strings should be truncated by mb_substr() if the function is available.

See e.g.

if (isset($data['message'])) {
  $data['message'] = substr($data['message'], 0, $this->message_limit);
}
$event->setMessage(substr($message, 0, Client::MESSAGE_MAX_LENGTH_LIMIT), $messageParams);
@ste93cry
Copy link
Collaborator

You're absolutely right, are you willing to open a PR to fix the issue?

@mfb
Copy link
Contributor Author

mfb commented Dec 12, 2018

It looks like 2.0 branch requires mbstring so we don't need conditional logic there? Except, there is some already - if (function_exists('mb_detect_encoding')

@ste93cry
Copy link
Collaborator

Since we're requiring mbstring any conditional that exists can be removed safely, so green light for cleaning up the code

mfb added a commit to mfb/sentry-php that referenced this issue Jan 5, 2019
@mfb
new Raven_Compat::substr() method calls mb_substr() if available fixes
5a76a7f 
…getsentry#727
@mfb mfb mentioned this issue Jan 5, 2019
Merged
@mfb
Copy link
Contributor Author

mfb commented Jan 5, 2019

On the 2.0 branch it looks like there is a hardcoded message limit? I don't think that's a good idea, based on my experience with apps that dump huge SQL query strings (along with other useless stuff) into the message, which was needed to debug the bad SQL. This required me to set message limit to as much as 8192 characters, which Sentry server is perfectly happy to accept.

@Jean85
Copy link
Collaborator

Jean85 commented Jan 7, 2019

On the 2.0 branch it looks like there is a hardcoded message limit? I don't think that's a good idea [...]

@HazAT what do you think about this? Should we make the message limit customizable?

@mfb mfb mentioned this issue Jan 19, 2019
Merged
mfb added a commit to mfb/sentry-php that referenced this issue Jan 27, 2019
@mfb
Allow formatted message to be passed in event payload (fixes getsentr…
2b81119 
…y#750); use mb_substr (refs getsentry#727)
@mfb mfb mentioned this issue Jan 27, 2019
Merged
mfb added a commit to mfb/sentry-php that referenced this issue Jan 31, 2019
@mfb
Allow formatted message to be passed in event payload (fixes getsentr…
d787b5a 
…y#750); use mb_substr (refs getsentry#727).
@ste93cry ste93cry mentioned this issue Feb 20, 2019
Merged
stayallive pushed a commit that referenced this issue May 4, 2019
@mfb @stayallive
Raven_Compat::substr() method for calling mb_substr() if available (#734
7291b29 
)

* new Raven_Compat::substr() method calls mb_substr() if available fixes #727

* fix tests to support multibyte truncation.

* add Raven_Compat::strlen() method and cleanup Serializer
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Use mb_* functions to handle serialization and unicode file paths
3 participants
@mfb @ste93cry @Jean85