Filenames aren't escaped when rebuilding cvs history



Webtools Graveyard
14 years ago
2 years ago


(Reporter: cls, Assigned: cls)




(1 attachment, 2 obsolete attachments)



14 years ago
I've been given the dubious task of setting up bonsai for a huge repository of
windows code.  I pulled the bonsai code from CVS trunk yesterday.  Apache timed
out after several attempts to rebuild the cvs history with this error message:

[Thu Sep 09 16:35:05 2004] [error] [client] (70007)The timeout
specified has expired: ap_content_length_filter: apr_bucket_read() failed,

The last file listed looked like:

Looking at ,
it looks as though the value being passed to ProcessOneFile() isn't being
escaped when $rlog is called.  I'm guessing that this is causing rlog to fail or
hang (since it doesn't handle spaces either) and causing apache to time out.

This is odd because I was pretty certain that the Mozilla tree has filenames
with spaces and afaik, rebuilds work fine there.

Comment 1

14 years ago
we do have spaces in some directories, but i'm not sure we ever did a complete
rebuild of

Comment 2

14 years ago
Created attachment 158387 [details] [diff] [review]
Call shell_escape on rlog argument

Comment 3

14 years ago
Created attachment 158393 [details] [diff] [review]
escape all rlog calls
Attachment #158387 - Attachment is obsolete: true

Comment 4

14 years ago
Comment on attachment 158393 [details] [diff] [review]
escape all rlog calls

i'd rather:

s/([ "'?&|!<>])/\\$1/g;

bonsai doesn't have common files does it :(

Comment 5

14 years ago
Not sure what you mean by common files but I'll need to add () to the list as
well.  The rebuild timed out when running overnight due to a file with parens.

Comment 6

14 years ago
you have two identical functions in the patch, one for dolog and one for
Assignee: tara → cls

Comment 7

14 years ago
Oh, right.  That's because is copied into /cvsroot/CVSROOT and is meant
to run standalone.  I suppose we could make it use from the bonsai
installation but I didn't feel like the change was worth the added dependency.

Comment 8

14 years ago
oh right, i forgot about that. i'm fine with that duplication, i'd still like
you to use the single s/// expression. should we add []'s and ; to the list too?

Comment 9

14 years ago
Created attachment 158669 [details] [diff] [review]
escape them all

Use single substitution expression and add $, (, ), [, ], ; & : to the escape
Attachment #158393 - Attachment is obsolete: true


14 years ago
Attachment #158669 - Flags: review+

Comment 10

14 years ago
Patch has been checked in.
Last Resolved: 14 years ago
Resolution: --- → FIXED

Comment 11

14 years ago
Just made another minor checkin to  We can only call shell_escape()
when invoking a system shell otherwise the standard perl functions will see an
incorrect filename.

Checking in webtools/bonsai/;
/cvsroot/mozilla/webtools/bonsai/,v  <--
new revision: 1.17; previous revision: 1.16
OS: Solaris → All
Hardware: PC → All


14 years ago
Blocks: 259248

Comment 12

14 years ago
*** Bug 232575 has been marked as a duplicate of this bug. ***


14 years ago
No longer blocks: 259248
Product: Webtools → Webtools Graveyard
You need to log in before you can comment on or make changes to this bug.