Contrib.social

Fix fatal error when pressing Run checklist button

Open on Drupal.org β†’
Created on 25 July 2024, 4 months ago
Updated 21 August 2024, 3 months ago

Problem/Motivation

Facing a fatal error when clicking Run checklist

Steps to reproduce

Given that "Drupal 10.3" was installed under "PHP 8.3"
And the Security Kit module was installed and configured
And the following settings in the "development.local.services.yml" file

# Local development services.
#
# To activate this feature, follow the instructions at the top of the
# 'settings.platformsh.php' or 'settings.local.php' file, which sits next to this file.
parameters:
  twig.config:
    debug: true
    cache: false
  http.response.debug_cacheability_headers: true
  cors.config:
    enabled: true
    # Specify allowed headers, like 'x-allowed-header'.
    allowedHeaders: ['*']
    # Specify allowed request methods, specify ['*'] to allow all possible ones.
    allowedMethods: ['*']
    # Configure requests allowed from specific origins. Do not include trailing
    # slashes with URLs.
    allowedOrigins: ['*']
    # Configure requests allowed from origins, matching against regex patterns.
    allowedOriginsPatterns: ['*']
    # Sets the Access-Control-Expose-Headers header.
    exposedHeaders: false
    # Sets the Access-Control-Max-Age header.
    maxAge: false
    # Sets the Access-Control-Allow-Credentials header.
    supportsCredentials: true
services:
  cache.backend.null:
    class: Drupal\Core\Cache\NullBackendFactory

And I am logged in as the webmaster user
And the system has only one "Untrusted roles have been granted administrative or trusted Drupal permissions."
And the reported one could be for example "use cl server"
And the "Log checklist results and skips" was changed under the "Advanced" group in "Security Review Settings"
When I go to "/admin/reports/security-review"
And press "Run checklist" button
Then I get the following fatal error

The website encountered an unexpected error. Try again later.

TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given in array_key_exists() (line 203 of modules/contrib/security_review/src/SecurityReview.php).
Drupal\security_review\SecurityReview->isCheckSkipped('admin_permissions') (Line: 105)
Drupal\security_review\Form\RunForm->submitForm(Array, Object)
call_user_func_array(Array, Array) (Line: 129)
Drupal\Core\Form\FormSubmitter->executeSubmitHandlers(Array, Object) (Line: 67)
Drupal\Core\Form\FormSubmitter->doSubmitForm(Array, Object) (Line: 597)
Drupal\Core\Form\FormBuilder->processForm('security-review-run', Array, Object) (Line: 326)
Drupal\Core\Form\FormBuilder->buildForm('Drupal\security_review\Form\RunForm', Object) (Line: 224)
Drupal\Core\Form\FormBuilder->getForm('Drupal\security_review\Form\RunForm') (Line: 87)
Drupal\security_review\Controller\ChecklistController->index()
call_user_func_array(Array, Array) (Line: 123)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}() (Line: 638)
Drupal\Core\Render\Renderer->executeInRenderContext(Object, Object) (Line: 121)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->wrapControllerExecutionInRenderContext(Array, Array) (Line: 97)
Drupal\Core\EventSubscriber\EarlyRenderingControllerWrapperSubscriber->Drupal\Core\EventSubscriber\{closure}() (Line: 181)
Symfony\Component\HttpKernel\HttpKernel->handleRaw(Object, 1) (Line: 76)
Symfony\Component\HttpKernel\HttpKernel->handle(Object, 1, 1) (Line: 54)
Drupal\simple_oauth\HttpMiddleware\BasicAuthSwap->handle(Object, 1, 1) (Line: 53)
Drupal\Core\StackMiddleware\Session->handle(Object, 1, 1) (Line: 48)
Drupal\Core\StackMiddleware\KernelPreHandle->handle(Object, 1, 1) (Line: 28)
Drupal\Core\StackMiddleware\ContentLength->handle(Object, 1, 1) (Line: 106)
Drupal\page_cache\StackMiddleware\PageCache->pass(Object, 1, 1) (Line: 85)
Drupal\page_cache\StackMiddleware\PageCache->handle(Object, 1, 1) (Line: 53)
Asm89\Stack\Cors->handle(Object, 1, 1) (Line: 48)
Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle(Object, 1, 1) (Line: 51)
Drupal\Core\StackMiddleware\NegotiationMiddleware->handle(Object, 1, 1) (Line: 36)
Drupal\Core\StackMiddleware\AjaxPageState->handle(Object, 1, 1) (Line: 51)
Drupal\Core\StackMiddleware\StackedHttpKernel->handle(Object, 1, 1) (Line: 741)
Drupal\Core\DrupalKernel->handle(Object) (Line: 19)

Proposed resolution

Check with isset and is_array first

Remaining tasks

User interface changes

API changes

Data model changes

πŸ› Bug report
Status

Fixed

Version

3.0

Component

Code

Created by

πŸ‡―πŸ‡΄Jordan Rajab Natshah Jordan

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @Rajab Natshah
  • Merge request !76Issue #3463712: Fix fatal error when pressing Run checklist button β†’ (Open) created by Rajab Natshah
  • Pipeline finished with Success
    4 months ago
    Total: 150s
    #233702
  • Issue was unassigned.
  • Status changed to Needs review 4 months ago
  • Comment 4 months ago β†’
    πŸ‡―πŸ‡΄Jordan Rajab Natshah Jordan
  • Status changed to Postponed: needs info 4 months ago
  • Comment 4 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States smustgrave

    Tried replicating following the steps but could now.

  • Comment 4 months ago β†’
    sboden

    I applied patch "3463712-fix-fatal-error" above on Drupal 10.3.1 with drupal/security_review:^3, and it still crashes with the same error message.

  • Comment 4 months ago β†’
    πŸ‡―πŸ‡΄Jordan Rajab Natshah Jordan
  • Comment 4 months ago β†’
    πŸ‡―πŸ‡΄Jordan Rajab Natshah Jordan

    You are right Stephen, I'm not able to reproduce with Drupal Standard alone
    Having many enabled modules.

  • Comment 4 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States dgroene

    I am getting the same error - TypeError: array_key_exists(): Argument #2 ($array) must be of type array, null given in array_key_exists() (line 203 of modules/contrib/security_review/src/SecurityReview.php).

  • Comment 4 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States dgroene

    OK, so this was happening because we had no configuration in place. If there is no config, then the second parameter of array_key_exists is null, which causes the php error. There should be a null check here, or a default value of [].

    Simple solution to avoid the error: Go to the config page and hit save. The error only occurs when there is not yet any configuration.

  • Status changed to Needs review 4 months ago
  • Comment 4 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States greggles Denver, Colorado, USA

    There's lots more detail now and an MR. Thanks for all that!

    Adjusting status to needs review accordingly.

  • Comment 4 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States greggles Denver, Colorado, USA

    I tried to replicate the bug and am unable to trigger it following the description. It's possible I misunderstood a step in the process.

    I did adjust my sites/default/settings.php to include:

    <?PHP
    $settings['container_yamls'][] = $app_root . '/' . $site_path . '/development.local.services.yml';
    ?>

    And then did a drush cr and then ran the check.

    Is that what you intended with that services yml file?

  • Comment 4 months ago β†’
    sboden

    I can confirm #9: saving the config again will solve the problem.

  • Comment 4 months ago β†’
    πŸ‡―πŸ‡΄Jordan Rajab Natshah Jordan

    Yes, that is my intended setup, thanks, Greg for following.

    Douglas got it right, in #9
    It seems when we install with an old config or no config has been saved yet.

    I suggest a fallback fix could be easier than trying to fix this in 20K+ sites.

  • Comment 4 months ago β†’
    πŸ‡©πŸ‡°Denmark ressa Copenhagen

    Got here after getting the error, and can confirm that going to "Security Review Settings" (/admin/config/security-review) and saving configuration fixed it. I didn't catch there was a patch which I could have tested, sorry.

  • Comment 4 months ago β†’
    System Message
  • Status changed to Fixed 4 months ago
  • Comment 4 months ago β†’
    πŸ‡ΊπŸ‡ΈUnited States smustgrave

    Still not able to replicate but seems enough people are hitting it and the code really isn't disruptive so merged.

  • Comment 3 months ago β†’
    System Message

    Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024