Uploaded image for project: 'Lucee Development'
  1. LDEV-176

serializeJSON() on loaded ORM panics server

    Details

    • Type: Bug
    • Status: Deployed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 4.5.1.000
    • Fix Version/s: 5.1.1.58
    • Labels:
      None
    • Sprint:
      January 2017 Release

      Description

      Calling serializeJSON(entity) on a loaded ORM entity with relationships will send the server in to panic with 100% CPU usage of all available cores.

      The ACF implementation of this uses toString() recursively on variables and will not recurse to lazy=true relationships.

      While the bug was discovered by a mistake on my part (I have since sanitized the data prior to serialization), a graceful Exception strategy, or better yet, a simple recursion strategy should be implemented to allow for conditional conversion of ORM objects.

      Notes:

      • Tested as unrecoverable on a server with 2GB of memory, but recoverable on a server with greater than 8.
      • The test entity contained injected non-persistent object and config struct properties as well. I am attaching an ACF JSON serialization of the entity for reference

        Attachments

          Activity

            People

            • Assignee:
              michaeloffner Michael Offner
              Reporter:
              jclausen jclausen (Inactive)
            • Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: