[Koha-bugs] [Bug 27916] New: Fee paid message can crash SIP server if paying fee that is not "renewable"
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Mar 10 15:09:45 CET 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27916
Bug ID: 27916
Summary: Fee paid message can crash SIP server if paying fee
that is not "renewable"
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5 - low
Component: SIP2
Assignee: koha-bugs at lists.koha-community.org
Reporter: kyle at bywatersolutions.com
QA Contact: testopia at bugs.koha-community.org
I'm not entirely sure how this is possible, but I've confirmed my fix works on
two separate occasions.
In the Koha::Account::pay, if a fine is "renewable" ( as determined by the
method "renewable" the response to from the method "renew_item" is stored and
returned by by pay().
Later in C4::SIP::Sip::MsgType::handle_fee_paid we assume that each element of
the list in $pay_response->{renew_result} is a hashref that had an itemnumber.
This is not true. We need to check for the itemnumber and then the item. If
either do not exist, the SIP server will crash without responding.
My suspicion is that this is caused by Koha::Account::Line::renewable returning
true while the corrosponding call to renew_item contains a simple "return;"
statement if RenewAccruingItemWhenPaid is not enabled ( or there is not related
item or patron ).
What happens here, at least for Bibliotheca self checks is that the machine
will take payment, and send the fee paid to Koha via SIP. When Koha's SIP
crashes and doesn't return a response, the self check machine will refund the
money to the patron, *but* the payment still exists in Koha! Considering
payments may be in the tens or even hundreds of dollars, this makes for a
critical SIP bug.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list