Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ProxyGenerator: do not generate long file names #1005

Open
wants to merge 1 commit into
base: 3.4.x
Choose a base branch
from

Conversation

JanTvrdik
Copy link

@JanTvrdik JanTvrdik commented Aug 8, 2023

The maximum file name length when using eCryptfs is 143 bytes. This causes issues with Doctrine proxies where with current implementation this limit can be exceeded.

This PR changes how proxy file name is generated to avoid hitting this limit.

eCryptfs can only store filenames of up to 143 characters when filename encryption is enabled. The remaining 112 characters are used for storing metadata such as the encrypted filename prefix, the signature of the filename encryption key, and an identifier for the cipher used, as well as random bytes to make /foo/file and /bar/file encrypt to different ciphertext and padding bytes to achieve proper cipher block size alignment.
https://bugs.launchpad.net/ecryptfs/+bug/344878

@derrabus
Copy link
Member

derrabus commented Aug 8, 2023

We're currently sunsetting the Common library including the proxy implementation. This is why I'm a bit reluctant to introduce this kind of change into the codebase at this point.

Furthermore, this is not a bugfix but rather a workaround for a very arbitrary limitation of the filesystem that you are using.

Can you elaborate what you use proxies for? Have you tried to work around the issue without changing doctrine/common?

@JanTvrdik
Copy link
Author

Can you elaborate what you use proxies for?

I'm using proxies as part of doctrine/orm.

Have you tried to work around the issue without changing doctrine/common?

Yes, but there is no easy way to use custom logic for naming proxies, because ProxyGenerator instance is created in constructor of Doctrine\ORM\Proxy\ProxyFactory and ProxyFactory instance is created in constructor of Doctrine\ORM\EntityManager.

@stof
Copy link
Member

stof commented Aug 8, 2023

@JanTvrdik on PHP 8.1 and newer, the ORM has a new proxy implementation (currently opt-in) that is based on the trait provided by symfony/var-exporter.

However, I think the new code in Doctrine\ORM\Proxy\ProxyFactory in doctrine/orm 2.17.x uses the same naming convention for files and so would suffer from the same issue.

@stof
Copy link
Member

stof commented Aug 8, 2023

@derrabus IMO, we should still do a bugfix in doctrine to avoid generating file names of arbitrary lengh. All filesystems have such limitations (it is just that eCryptfs has a max file name length that is but shorter than ext4 so it is easier to reach it). See https://bugs.launchpad.net/ecryptfs/+bug/344878/comments/10 for a comment in the ecryptfs explaining that.

The current file name generating takes the FQCN of the entity and uses that as part of the file name as is. This could even reach the ext4 limit if the FQCN is long enough.

However, I'm not sure spreading generated proxies in subfolder is the right approach to fix this.

@derrabus
Copy link
Member

derrabus commented Aug 8, 2023

However, I think the new code in Doctrine\ORM\Proxy\ProxyFactory in doctrine/orm 2.17.x uses the same naming convention for files and so would suffer from the same issue.

Then let's start with the ORM please. ORM 2.17 with recommended settings will bypass whatever we change in doctrine/common anyway.

@JanTvrdik JanTvrdik force-pushed the proxy-file-name-length-limit branch from 414ccd0 to 8136e31 Compare August 9, 2023 10:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants