Blocking from a hook is not stopping code execution

[estringana]

Description

Blocking a request from Appsec should stop customer code execution. However, when this blocking happens within a tracer hook, it does not stop executing customer code execution.

Reviewer checklist

• [ ] Test coverage seems ok.
• [ ] Appropriate labels assigned.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 80.91%. Comparing base (c1fd94c) to head (78a05a9).

Additional details and impacted files

[](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog) ```diff @@ Coverage Diff @@ ## master #2836 +/- ## ============================================ + Coverage 78.36% 80.91% +2.54% Complexity 2526 2526 ============================================ Files 173 146 -27 Lines 18742 14711 -4031 Branches 976 0 -976 ============================================ - Hits 14688 11903 -2785 + Misses 3517 2808 -709 + Partials 537 0 -537 ``` | [Flag](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog) | Coverage Δ | | |---|---|---| | [appsec-extension](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog) | `?` | | | [tracer-extension](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog) | `78.10% <ø> (ø)` | | | [tracer-php](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog) | `82.09% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog#carryforward-flags-in-the-pull-request-comment) to find out more. [see 27 files with indirect coverage changes](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog) ------ [Continue to review full report in Codecov by Sentry](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836?dropdown=coverage&src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog). > **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog) > `Δ = absolute (impact)`, `ø = not affected`, `? = missing data` > Powered by [Codecov](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836?dropdown=coverage&src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog). Last update [c1fd94c...78a05a9](https://app.codecov.io/gh/DataDog/dd-trace-php/pull/2836?dropdown=coverage&src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=DataDog).

[bwoebi]

I see, the tracer sandboxing is sandboxing the bailout away :-) I suppose some it would be ideal to signal the tracer "please bailout again after catching this" :-D