News:

Support the VirtueMart project and become a member

Main Menu

Infinite recursion on VM3.4.2 (Virtuemart bug)

Started by stAn99, October 12, 2018, 10:50:20 AM

Previous topic - Next topic

stAn99

Hello friends, we just discovered a possible memory leak and infinite recursion bug on VM3.4.2 when handling 404 category pages in some cases.

we must had adjusted:
\components\com_virtuemart\views\category\view.html.php

original code:

//No redirect here, for category id = 0 means show ALL categories! note by Max Milbers
if ((!empty($this->categoryId) and $this->categoryId!==-1 ) and (empty($category->slug) or !$category->published)) {
$this->handle404();
}


with:

//No redirect here, for category id = 0 means show ALL categories! note by Max Milbers
if ((!empty($this->categoryId) and $this->categoryId!==-1 ) and (empty($category->slug) or !$category->published)) {
static $wasHere;
if (empty($wasHere)) {
$wasHere = true;
$this->handle404();
}
}


now the page simply says:
Category not found

which is better then waisting all available RAM of the server due to this.

also posted on our OPC's support forum:
https://www.rupostel.com/phpBB3/posting.php?mode=edit&f=7&p=7752

best regards, stan
----
RuposTel.com
www.rupostel.com
Your customized checkout solution for Virtuemart

Studio 42

I have same problem when google try to load a unpublished category = infinit loop and have some time slowdown.
I hope it's the right solution and dev add a fix for this because a hacker can shutdown a shop only using this trick.

AH

#2
If you cannot wait for a "fix"

Turn off Vm404 error handling in VM configuration

labelled "Enable VirtueMart 404 error handling"

The error handling will then use Joomla's default methods
Regards
A

Joomla 3.10.11
php 8.0

thefbi

Hello,

ok, thank you, that did the trick for now.

welrachid

#4
possible related issue removed since it was not related after all
Best regards,
Wel

GJC Web Design

GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

welrachid

im seeing this on all pages that i have running vm, where any 404 will generate this infinite loop. This means that _all_ new installations of vm will be "born" with this problem due to the missing .css file that has been removed.

when 404 handling is enabled in vm it will case this infinite loop (all my pages have sef friendly urls etc.)
Best regards,
Wel

GJC Web Design

This isn't true .. the recursion discussed here is a Frontend thing caused by the cat view

I just deleted my toolbar_images.css -- fine -- I get a 500 error

Error: Call to undefined method Joomla\CMS\Document\RawDocument::addHeadLink(): View not found [name, type, prefix]: category, css, contentView

but that's it -- even with full error and debugging it doesn't even throw a notice or log
I only see this error if I try to access the file directly administrator/components/com_virtuemart/assets/css/toolbar_images.css?vmver=01d6f5e0
  .. it gets treated like a normal missing file by the site, page loads normally and the page is as fast as ever

and certainly no recursion  -- the VM  404 error handling is a frontend thing

something is different on your server in the way that it is handling this error

but of course agree that the call to to this file must be removed
GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

welrachid

i see.
Then you have more data than i have. I just used a fresh joomla installation (without any sample data) and then installed newest VM and then saw this problem.

Have you both SEF urls and rewrite enabled on the site you are testing with?
If they both are on, then i guess you are right.. that my issue was not related
Best regards,
Wel

GJC Web Design

QuoteHave you both SEF urls and rewrite enabled on the site you are testing with?

these settings have no effect on the admin
GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

welrachid

#10
So this frontend template has no effect on admin 404?
https://prnt.sc/l6a3it

remember that there is not .htaccess in the administrator directory, this means that /index.php will be the one handling files not found.

# RewriteBase /

## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.


Not sure if its something in the current template that is causing this (joomshaper helix3)
Best regards,
Wel

GJC Web Design

its showing its own page but  I cant see  $this->handle404(); from VM is involved
GJC Web Design
VirtueMart and Joomla Developers - php developers https://www.gjcwebdesign.com
VM4 AusPost Shipping Plugin - e-go Shipping Plugin - VM4 Postcode Shipping Plugin - Radius Shipping Plugin - VM4 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
https://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

welrachid

Best regards,
Wel

stAn99

hello, in some cases when default joomla htaccess for sef is used, missing static files (such as images, css, or else) load index.php and if the default page is virtuemart, then you also get the infinite loop per the problem described here.

that way 4 missing files will put down your server completely.

generally you must make sure that static files always return 404 without loading index.php

you can try to add this to your .htaccess to the front:


RewriteEngine On

#stan: never load index.php for static files:
RewriteRule ^(.*?)\.(php|css|js|jpg|jpeg|png|pdf|cur|eot|ttf|woff|ico|woff2|svg|json|txt)$ - [L]



you can adjust the list of static files extensions as needed.

best regards, stan
----
RuposTel.com
www.rupostel.com
Your customized checkout solution for Virtuemart

Milbo

#14
Good work, Stan. the right fix from my point of view is in view.html.php of the category view

around line 678

$cat = VmModel::getModel('category')->getCategory($last_category_id, false, true);
if(empty($cat->virtuemart_category_id) or !$cat->published){
$last_category_id = 0;
}


I added already a check if the category exists, but forgot to check for published. Another idea to fix is to implement the 3rd parameter to the function getCategory, correctly.
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/