XF 2.0 MariaDB 10.3.26-1 Breaks PHP < 7.2

MattW

Well-known member
Just wanting to post this here, as I've spent the last 2 hours fault finding an issue on my servers this morning.

cPanel servers, all the latest updates. MariaDB automatically updated to 10.3.26-1 over night as part of the cPanel yum update.

As soon as this happened, any XenForo site running on PHP7.2 or below broke!

Code:
[04-Nov-2020 08:24:41 UTC] PHP Fatal error:  Uncaught XF\Db\Exception: MySQL query error [1835]: Malformed communication packet in /home/XXX/public_html/community/src/XF/Db/AbstractStatement.php:212
Stack trace:
#0 /home/XXX/public_html/community/src/XF/Db/Mysqli/Statement.php(196): XF\Db\AbstractStatement->getException('MySQL query err...', 1835, 'HY000')
#1 /home/XXX/public_html/community/src/XF/Db/Mysqli/Statement.php(77): XF\Db\Mysqli\Statement->getException('MySQL query err...', 1835, 'HY000')
#2 /home/XXX/public_html/community/src/XF/Db/AbstractAdapter.php(79): XF\Db\Mysqli\Statement->execute()
#3 /home/XXX/public_html/community/src/XF/Db/AbstractAdapter.php(116): XF\Db\AbstractAdapter->query('\n\t\t\tSELECT data...', Array)
#4 /home/XXX/public_html/community/src/XF/DataRegistry.php(137): XF\Db\AbstractAdapter->fetchPairs('\n\t\t\tSELECT data...')
#5 /home/XXX/public_html/community/src/XF/DataRegistry.php(82): XF\DataRegistry->readFromDb(Array, Array)
#6 /home/XXX/public_html/community/src/XF/DataRegistry.php(225): XF\DataRegistry- in /home/XXX/public_html/community/src/XF/Db/AbstractStatement.php on line 212

Swapping to 7.3 or 7.4 works.

I've had to downgrade MariaDB back to the previous version:

Code:
# yum history info 264
Loaded plugins: fastestmirror, universal-hooks
Transaction ID : 264
Begin time     : Wed Nov  4 05:35:28 2020
Begin rpmdb    : 1964:269d3e2a5fc59faed15b162386618da46afe3e28
End time       :            05:36:05 2020 (37 seconds)
End rpmdb      : 1964:7aac4ca2ee1e5c81b04babc4f774126e1254d10d
User           : root <root>
Return-Code    : Success
Command Line   : --assumeyes --color=never --config /etc/yum.conf update --disablerepo=epel
Transaction performed with:
    Installed     rpm-4.11.3-43.el7.x86_64                        @base
    Installed     yum-3.4.3-167.el7.centos.noarch                 @base
    Installed     yum-metadata-parser-1.1.4-10.el7.x86_64         @anaconda
    Installed     yum-plugin-fastestmirror-1.1.31-54.el7_8.noarch @updates
Packages Altered:
    Updated MariaDB-client-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated MariaDB-common-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated MariaDB-compat-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated MariaDB-devel-10.3.25-1.el7.centos.x86_64  @MariaDB103
    Update                10.3.26-1.el7.centos.x86_64  @MariaDB103
    Updated MariaDB-server-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated MariaDB-shared-10.3.25-1.el7.centos.x86_64 @MariaDB103
    Update                 10.3.26-1.el7.centos.x86_64 @MariaDB103
    Updated galera-25.3.30-1.el7.centos.x86_64         @MariaDB103
    Update         25.3.31-1.el7.centos.x86_64         @MariaDB103
history info

And this fixes the issue. So, I don't know if it's a PHP issue, a MariaDB issue, or something combining everything! I've excluded MariaDB and Galera now from automatic updates on my servers.
 

MattW

Well-known member
how to do that please

That thread has links in with specific information provided by cPanel.
 

MattW

Well-known member

New update from cPanel staff.
 

Jared26

Member
Currently having the same issue and seeing this error:

Fatal error: Uncaught XF\Db\Exception: No such file or directory in /sitepath/forum/src/XF/Db/Mysqli/Adapter.php:165 Stack trace: #0 /homepages/34/d769032082/sitepath/forum/src/XF/Db/Mysqli/Adapter.php(28): XF\Db\Mysqli\Adapter->makeConnection(Array) #1 /homepages/34/d769032082/sitepath/src/XF/Db/AbstractAdapter.php(60): XF\Db\Mysqli\Adapter->getConnection() #2 /homepages/34/d769032082/sitepath/src/XF/Db/Mysqli/Adapter.php(113): XF\Db\AbstractAdapter->connect() #3 /homepages/34/d769032082/sitepath/src/XF/Db/AbstractAdapter.php(516): XF\Db\Mysqli\Adapter->escapeString('options') #4 /homepages/34/d769032082/sitepath/src/XF/Db/AbstractAdapter.php(494): XF\Db\AbstractAdapter->quote('options') #5 /homepages/34/d769032082/sitepath/src/XF/DataRegistry.php(138): XF\Db\AbstractAdapter->quote(Array) #6 /homepages/34/d769032082/htdocs/clickan in /homepages/34/d769032082/htdocs/sitepath/src/XF/Db/Mysqli/Adapter.php on line 165

I replaced the actual path with sitepath in the error just for purposes of sharing it here. I updated the PHP version to 7.4, and even created a new database to upgrade the MYSQL version from 5.5 to 5.7 then moved the db over and am still getting the error. If I ctrl+F5 the forum shows as normal and I can click on threads and go back and forth no problem, but clicking on the forum root brings the same error again.
 

MattW

Well-known member
This was a bug in mysqlnd as in PHP 7.2: https://github.com/php/php-src/blob/PHP-7.2/ext/mysqlnd/mysqlnd_ps_codec.c#L938
Fixed in PHP 7.3: https://github.com/php/php-src/blob/PHP-7.3/ext/mysqlnd/mysqlnd_ps_codec.c#L965
by the commit https://github.com/php/php-src/commit/05a884f6393b1a19f103c2b358e736b20c0f7d46

Old code generated invalid "execute" packets, they were violating both our (https://mariadb.com/kb/en/com_stmt_execute/) and MySQL (https://dev.mysql.com/doc/internals/en/com-stmt-execute.html) description of the protocol.

Latest MariaDB releases have stricter packet validation as a security measure and these broken packets are now rejected.

Your best option would be to use PHP 7.3+ that does not violate the protocol. Although we're currently discussing whether to relax the packet validation to allow these invalid packets as a special exception.

From the JIRA bug report for MariaDB
 

djbaxter

Well-known member
From the JIRA bug report for MariaDB
I have one site still on PHP 7.1.x. Fortunately, I don't think that server has been auto-upgraded but upgrading isn't an option for vBulletin 4.2.5. My hope would be that they relax the insistence on strict packet validation.
 
Top