From: Michael Marley Date: Thu, 23 Apr 2015 12:46:43 +0000 (-0400) Subject: Execute initDbSession() on DB reconnects X-Git-Tag: travis-deploy-test~569^2 X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=commitdiff_plain;h=6605882f41331c80f7ac3a6992650a702ec71283 Execute initDbSession() on DB reconnects Previously, the initDbSession() function would only be run on the initial connect. Since the initDbSession() code in PostgreSQL is used to fix the CVE-2013-4422 SQL Injection bug, this means that Quassel was still vulnerable to that CVE if the PostgreSQL server is restarted or the connection is lost at any point while Quassel is running. This bug also causes the Qt5 psql timezone fix to stop working after a reconnect. The fix is to disable Qt's automatic reconnecting, check the connection status ourselves, and reconnect if necessary, executing the initDbSession() function afterward. --- diff --git a/src/core/abstractsqlstorage.cpp b/src/core/abstractsqlstorage.cpp index cb074547..dce39cb2 100644 --- a/src/core/abstractsqlstorage.cpp +++ b/src/core/abstractsqlstorage.cpp @@ -53,7 +53,14 @@ QSqlDatabase AbstractSqlStorage::logDb() if (!_connectionPool.contains(QThread::currentThread())) addConnectionToPool(); - return QSqlDatabase::database(_connectionPool[QThread::currentThread()]->name()); + QSqlDatabase db = QSqlDatabase::database(_connectionPool[QThread::currentThread()]->name(),false); + + if (!db.isOpen()) { + qWarning() << "Database connection" << displayName() << "for thread" << QThread::currentThread() << "was lost, attempting to reconnect..."; + dbConnect(db); + } + + return db; } @@ -90,6 +97,12 @@ void AbstractSqlStorage::addConnectionToPool() db.setPassword(password()); } + dbConnect(db); +} + + +void AbstractSqlStorage::dbConnect(QSqlDatabase &db) +{ if (!db.open()) { quWarning() << "Unable to open database" << displayName() << "for thread" << QThread::currentThread(); quWarning() << "-" << db.lastError().text(); diff --git a/src/core/abstractsqlstorage.h b/src/core/abstractsqlstorage.h index 90a8aa98..c39e826b 100644 --- a/src/core/abstractsqlstorage.h +++ b/src/core/abstractsqlstorage.h @@ -87,6 +87,7 @@ private slots: private: void addConnectionToPool(); + void dbConnect(QSqlDatabase &db); int _schemaVersion; bool _debug;