I've been given the dubious task of setting up bonsai for a huge repository of windows code. I pulled the bonsai code from CVS trunk yesterday. Apache timed out after several attempts to rebuild the cvs history with this error message: [Thu Sep 09 16:35:05 2004] [error] [client 10.1.214.46] (70007)The timeout specified has expired: ap_content_length_filter: apr_bucket_read() failed, referer: http://bonsai.company.com/bonsai/admin.cgi The last file listed looked like: /opt/cvsroot/./Appliance/SecureMail/WebUI/Installer/Registry Entries/Attic/Default.rge,v Looking at http://lxr.mozilla.org/mozilla/source/webtools/bonsai/rebuildcvshistory.cgi#38 , it looks as though the value being passed to ProcessOneFile() isn't being escaped when $rlog is called. I'm guessing that this is causing rlog to fail or hang (since it doesn't handle spaces either) and causing apache to time out. This is odd because I was pretty certain that the Mozilla tree has filenames with spaces and afaik, rebuilds work fine there.
we do have spaces in some directories, but i'm not sure we ever did a complete rebuild of bonsai.mozilla.org
Created attachment 158393 [details] [diff] [review] escape all rlog calls
Attachment #158387 - Attachment is obsolete: true
Comment on attachment 158393 [details] [diff] [review] escape all rlog calls i'd rather: s/([ "'?&|!<>])/\\$1/g; bonsai doesn't have common files does it :(
Not sure what you mean by common files but I'll need to add () to the list as well. The rebuild timed out when running overnight due to a file with parens.
you have two identical functions in the patch, one for dolog and one for rebuildcvshistory.
Assignee: tara → cls
Oh, right. That's because dolog.pl is copied into /cvsroot/CVSROOT and is meant to run standalone. I suppose we could make it use CGI.pl from the bonsai installation but I didn't feel like the change was worth the added dependency.
oh right, i forgot about that. i'm fine with that duplication, i'd still like you to use the single s/// expression. should we add 's and ; to the list too?
Created attachment 158669 [details] [diff] [review] escape them all Use single substitution expression and add $, (, ), [, ], ; & : to the escape list.
Attachment #158393 - Attachment is obsolete: true
Patch has been checked in.
Status: NEW → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → FIXED
Just made another minor checkin to dolog.pl. We can only call shell_escape() when invoking a system shell otherwise the standard perl functions will see an incorrect filename. Checking in webtools/bonsai/dolog.pl; /cvsroot/mozilla/webtools/bonsai/dolog.pl,v <-- dolog.pl new revision: 1.17; previous revision: 1.16 done
OS: Solaris → All
Hardware: PC → All
*** Bug 232575 has been marked as a duplicate of this bug. ***
You need to log in before you can comment on or make changes to this bug.