id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc
4489	MediaWiki+FCKEditor - Cyclical Categories causes SEGFAULT	SPOrange		"In using the latest trunk version of the FCKEditor+MediaWiki extension, an infinite loop will occur, leading to a segmentation fault in Apache2 if a Category page contains a cyclical reference to another Category page one level before. (The parent is the child is the parent..).

Steps to reproduce:
1. Create Category:RAD
2. Make Category:RAD member of Category:WSAD
3. Create page for Category:WSAD
4. Make Category:WSAD a member of Category:RAD

This will work with CategoryTree extension (it will just keep going deeper and deeper showing the same tree structure). However, if you try to load the Rich Editor with MediaWiki+FCKeditor, the box containing ""Category tree (start typing in the field)"" will never populate and the HTTP server logs will show a SEGFAULT (11). 

The problem occurs in this code, part of FCKeditorSajax.body.php:

function wfSajaxSearchCategoryFCKeditor()
{
	global $wgContLang, $wgOut;
	$ns = NS_CATEGORY;
	$db =& wfGetDB( DB_SLAVE );
	$m_sql=""SELECT tmpSelectCat1.cl_to AS title FROM "".$db->tableName('categorylinks')."" AS tmpSelectCat1 "".
		""LEFT JOIN "".$db->tableName('page')."" AS tmpSelectCatPage ON ( tmpSelectCat1.cl_to = tmpSelectCatPage.page_title "".
		""AND tmpSelectCatPage.page_namespace =$ns ) "".
		""LEFT JOIN "".$db->tableName('categorylinks')."" AS tmpSelectCat2 ON tmpSelectCatPage.page_id = tmpSelectCat2.cl_from "".
		""WHERE tmpSelectCat2.cl_from IS NULL GROUP BY tmpSelectCat1.cl_to"";

	$res = $db->query($m_sql,__METHOD__ );

	$ret = """";
	$i=0;
	while ( ( $row = $db->fetchObject( $res ) ) ) {
		$ret .= $row->title .""\n"";
		$sub = explode(""\n"",wfSajaxSearchCategoryChildrenFCKeditor($row->title));
		foreach($sub as $subrow)if(strlen($subrow)>0)$ret.="" "".$subrow.""\n"";
	}

	return $ret;
}

function wfSajaxSearchCategoryChildrenFCKeditor($m_root)
{
	global $wgContLang, $wgOut;
	$limit = 50;
	$ns = NS_CATEGORY;
	$m_root = str_replace(""'"",""\'"",$m_root);
	$db =& wfGetDB( DB_SLAVE );
	$m_sql =""SELECT tmpSelectCatPage.page_title AS title FROM "".$db->tableName('categorylinks')."" AS tmpSelectCat "".
			""LEFT JOIN "".$db->tableName('page')."" AS tmpSelectCatPage ON tmpSelectCat.cl_from = tmpSelectCatPage.page_id "".
			""WHERE tmpSelectCat.cl_to LIKE '$m_root' AND tmpSelectCatPage.page_namespace = $ns"";


	$res = $db->query($m_sql,__METHOD__ );

	$ret = """";
	$i=0;
	while ( ( $row = $db->fetchObject( $res ) ) ) {
		$ret .= $row->title .""\n"";
		$sub = explode(""\n"",wfSajaxSearchCategoryChildrenFCKeditor($row->title));
		foreach($sub as $subrow)if(strlen($subrow)>0)$ret.="" "".$subrow.""\n"";

	}

	return $ret;
}

We have attempted to fix this in our own Wiki by removing cyclical category references, but as soon as one person creates a new cyclical category reference, the FCKeditor categories editor will no longer work once again. Additionally, since this is a natively supported feature of MediaWiki, this should be filed as a bug within FCKeditor+MediaWiki and be supported.

Additional information from my test wiki:
System: Ubuntu 9.4
MediaWiki: 1.15.1
PHP: 5.2.6-3
MySQL: 5.0.75
Browser: Firefox 3.0.14"	Bug	closed	Normal		Project : MediaWiki+FCKeditor		invalid		
