Closed
Bug 125013
Opened 23 years ago
Closed 23 years ago
ProcessMultipartFormFields hangs
Categories
(Bugzilla :: Creating/Changing Bugs, defect, P1)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.16
People
(Reporter: tkl, Assigned: tkl)
Details
Attachments
(2 files)
|
307 bytes,
patch
|
myk
:
review-
|
Details | Diff | Splinter Review |
|
630 bytes,
patch
|
justdave
:
review+
justdave
:
review+
|
Details | Diff | Splinter Review |
Creating attachments to bugs with Opera 6.0 may lead to hangs in createattachment.cgi
The
problem is with ProcessMultipartFormFields() and the boundary-string that Opera may send.
According to RFC2046 the boundary string may contain ()+./? which cause problems with the search
for boundaries of ProcessMultipartFormFields.
The attached file resolves the problem by
escaping these special characters.
|
Assignee | |
Comment 1•23 years ago
|
||
|
||
Comment 2•23 years ago
|
||
Comment on attachment 69033 [details] [diff] [review]
Patch for correcting boundary string matching
Yep, it's a bug, and it still exists on the development tip.
This patch doesn't work with the tip, however, since the
ProcessMultipartFormFields function has been completely
rewritten since 2.14.1. Provide a new patch for the current
tip and I'll review and check in.
>--- CGI.pl Sun Dec 9 16:02:46 2001 -0000 1.100.2.1
>+++ CGI.pl Tue Feb 12 13:28:00 2001 -0000
>@@ -148,5 +148,6 @@
> sub ProcessMultipartFormFields {
> my ($boundary) = (@_);
>+ $boundary =~ s/(\+|\(|\)|\.|\/|\?)/\\$1/g;
Use \Q to escape meta-characters in the $boundary variable
from within the regular expression itself instead of doing
it manually beforehand, i.e.:
if ($_ =~ m/^-*\Q$boundary\E/) {
Attachment #69033 -
Flags: review-
|
|
Assignee | |
Comment 3•23 years ago
|
||
So here is the output from cvs diff:
Index:
CGI.pl
===================================================================
RCS
file: /cvsroot/mozilla/webtools/bugzilla/CGI.pl,v
retrieving revision 1.133
diff -w -
r1.133 CGI.pl
192c192
< if ($_ =~ m/^-*$boundary/) {
---
> if ($_ =~ m/^-*\Q$boundary\E/) {
|
|
Assignee | |
Comment 4•23 years ago
|
||
|
||
Updated•23 years ago
|
Priority: -- → P1
Target Milestone: --- → Bugzilla 2.16
|
||
Updated•23 years ago
|
|
|
||
Comment 5•23 years ago
|
||
Comment on attachment 69455 [details] [diff] [review]
Patch for correcting boundary string matching (Updated)
trivial change, darn obvious.
2xr= justdave
Attachment #69455 -
Flags: review+
|
|
||
Comment 7•23 years ago
|
||
Checking in CGI.pl;
/cvsroot/mozilla/webtools/bugzilla/CGI.pl,v <-- CGI.pl
new revision: 1.145; previous revision: 1.144
done
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
|
||
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•