Orm: Cache id "[*_1 1][2]" contains unauthorized character " "

Created on 10 Mar 2020 · 9Comments · Source: doctrine/orm

Bug Report

When I use doctrine with Symfony 4.3 and second level cache with Memcached
this error appears

Cache id "[*_1 1][2]" contains unauthorized character " "

after a few investigations, I found bug and solution

| Q | A
|------------ | ------
| BC Break | yes
| Version | 1.10.0
| Package | doctrine\cache
| File | vendor/doctrine/orm/lib/Doctrine/ORM/Cache/EntityCacheKey.php
| Line

Summary

vendor/doctrine/orm/lib/Doctrine/ORM/Cache/EntityCacheKey.php

On line 55:
$this->hash = str_replace('\', '.', strtolower($entityClass) . '_' . implode(' ', $identifier));

Current behavior

You can't use implode with space delimiter since space delimiter is unauthorized character in ID.

How to reproduce

Symofony 4.3 with second level cache enabled memcached used

Expected behavior

Cache Key Id can't contains " " space character
it's any possibility to add this fix to next release?

Fix

Fix:
$this->hash = str_replace('\', '.', strtolower($entityClass) . '_' . implode('-', $identifier));

Source

sjurajpuchky

👍3

Most helpful comment

@SenseException what key should we pick? i propose ; # or = - something that is unlikely a character in a string based id, which both - and _ could easily be.

I'd suggest following the guidelines in https://www.php-fig.org/psr/psr-16/:

Key - A string of at least one character that uniquely identifies a cached item. Implementing libraries MUST support keys consisting of the characters A-Z, a-z, 0-9, _, and . in any order in UTF-8 encoding and a length of up to 64 characters. Implementing libraries MAY support additional characters and encodings or longer lengths, but MUST support at least that minimum. Libraries are responsible for their own escaping of key strings as appropriate but MUST be able to return the original unmodified key string. The following characters are reserved for future extensions and MUST NOT be supported by implementing libraries: {}()/\@:

lcobucci on 16 Mar 2020

👍2

All 9 comments

I think that _ will be better.

asamats on 13 Mar 2020

_ is already used for delimiting className and key

sjurajpuchky on 13 Mar 2020

@sjurajpuchky Would you like to open a pull request with your fix? It would be much appreciated.

SenseException on 13 Mar 2020

👍1

@SenseException go ahead :)

sjurajpuchky on 13 Mar 2020

@SenseException what key should we pick? i propose ; # or = - something that is unlikely a character in a string based id, which both - and _ could easily be.

Something really save from conflicts with two string based composite ids is wrapping in []:

$this->hash = str_replace('\', '.', strtolower($entityClass) . '_[' . implode('][', $identifier)) . ']';

beberlei on 15 Mar 2020

@beberlei it should be, but sounds better

$this->hash = str_replace('\\', '.', strtolower($entityClass) . '_[' . implode('][', $identifier) . ']');

sjurajpuchky on 15 Mar 2020

I can even think about using $. I would expect that character only when a variable in a string wasn't handled correctly by a developer.

SenseException on 15 Mar 2020

@SenseException what key should we pick? i propose ; # or = - something that is unlikely a character in a string based id, which both - and _ could easily be.

I'd suggest following the guidelines in https://www.php-fig.org/psr/psr-16/:

Key - A string of at least one character that uniquely identifies a cached item. Implementing libraries MUST support keys consisting of the characters A-Z, a-z, 0-9, _, and . in any order in UTF-8 encoding and a length of up to 64 characters. Implementing libraries MAY support additional characters and encodings or longer lengths, but MUST support at least that minimum. Libraries are responsible for their own escaping of key strings as appropriate but MUST be able to return the original unmodified key string. The following characters are reserved for future extensions and MUST NOT be supported by implementing libraries: {}()/\@: