Closed
Bug 441921
Opened 17 years ago
Closed 17 years ago
context=file fails due to taint issues in file names and file rev numbers
Categories
(Bugzilla :: Attachments & Requests, defect)
Tracking
()
RESOLVED
FIXED
Bugzilla 3.2
People
(Reporter: LpSolit, Assigned: LpSolit)
References
()
Details
(Keywords: regression)
Attachments
(1 file)
1.88 KB,
patch
|
himorin
:
review+
|
Details | Diff | Splinter Review |
Follow the URL above. You get: Insecure dependency in system while running with -T switch at /usr/lib/perl5/vendor_perl/5.8.8/PatchReader/CVSClient.pm line 60. I cannot reproduce this problem in Bugzilla 3.0.4+, which makes me think bug 410902 could be the culprit. Investigating!
Flags: blocking3.2+
Assignee | ||
Comment 1•17 years ago
|
||
OK, I don't get it at all. In /usr/lib/perl5/vendor_perl/5.8.8/PatchReader/Raw.pm, next_line() contains: if ($line =~ /^---\s*(\S+)\s*\t([^\t\r\n]*)\s*(\S*)/) { [...] $this->{FILE_STATE}{old_revision} = $3 if $3; and guess what? Adding the line die "bah, $3 is tainted!!" if is_tainted($3); dies, meaning that $3 is tainted. How is that possible??? The goal of the regexp is to untaint the data.
Assignee | ||
Comment 2•17 years ago
|
||
That's ridiculous. $line itself is not tainted, but $3 is!
Comment 3•17 years ago
|
||
That sounds like a bug in Perl itself. I've seen those from time to time, with taint mode.
Assignee | ||
Comment 4•17 years ago
|
||
So why can I only reproduce the problem with Bugzilla 3.1.4/3.3 but not with 3.0.4?
Assignee | ||
Comment 5•17 years ago
|
||
Interesting, $attachment->{data} = Encode::decode_utf8($attachment->data); causes the problem. Without this line, context=file is working fine. What I don't understand is that is_tainted($attachment->data) returns false, both before and after the call to decode_utf8().
Assignee | ||
Comment 6•17 years ago
|
||
OK, the problem only occurs with Perl 5.8.8, but doesn't with Perl 5.8.1, 5.8.5 nor with 5.10.0. Upgrading Encoding.pm from 2.12 (the version used in Perl 5.8.8) to 2.25 (latest release) doesn't help.
Assignee | ||
Comment 7•17 years ago
|
||
Replace Encode::decode_utf8() by utf8::decode() to work around a bug in Perl 5.8.8. My testing shows no regression. himorin, could you confirm?
Attachment #326946 -
Flags: review?
Assignee | ||
Updated•17 years ago
|
Attachment #326946 -
Flags: review? → review?(shimono)
Comment 8•17 years ago
|
||
reproduced on perl 5.8.8 and worked fine with the patch. system environment with checksetup.pl is as the followings. (debian etch with my package repository of perl packages) $ perl -MEncode -e 'print Encode->VERSION' 2.12 $ ./checksetup.pl * This is Bugzilla 3.3 on perl 5.8.8 * Running on Linux 2.6.18-4-686 #1 SMP Wed May 9 23:03:12 UTC 2007 Checking perl modules... Checking for CGI.pm (v2.93) ok: found v3.15 Checking for TimeDate (v2.21) ok: found v2.22 Checking for PathTools (v0.84) ok: found v3.12 Checking for DBI (v1.41) ok: found v1.53 Checking for Template-Toolkit (v2.15) ok: found v2.19 Checking for Email-Send (v2.00) ok: found v2.181 Checking for Email-MIME (v1.861) ok: found v1.861 Checking for Email-MIME-Modifier (v1.442) ok: found v1.442 Checking available perl DBD modules... Checking for DBD-Pg (v1.45) not found Checking for DBD-mysql (v4.00) ok: found v4.006 Checking for DBD-Oracle (v1.19) not found The following Perl modules are optional: Checking for GD (v1.20) ok: found v2.34 Checking for Chart (v1.0) ok: found v2.4.1 Checking for Template-GD (any) ok: found v1.56 Checking for GDTextUtil (any) ok: found v0.86 Checking for GDGraph (any) ok: found v1.4308 Checking for XML-Twig (any) ok: found v3.26 Checking for MIME-tools (v5.406) ok: found v5.420 Checking for libwww-perl (any) ok: found v2.033 Checking for PatchReader (v0.9.4) ok: found v0.9.5 Checking for PerlMagick (any) ok: found v6.2.4 Checking for perl-ldap (any) ok: found v0.33 Checking for SASL-Authen (any) not found Checking for RadiusPerl (any) not found Checking for SOAP-Lite (any) ok: found v0.69 Checking for HTML-Parser (v3.40) ok: found v3.55 Checking for HTML-Scrubber (any) ok: found v0.08 Checking for Email-MIME-Attachment-Stripper (any) not found Checking for Email-Reply (any) not found Checking for mod_perl (v1.999022) not found Checking for CGI.pm (v3.11) ok: found v3.15
Comment 9•17 years ago
|
||
Comment on attachment 326946 [details] [diff] [review] patch, v1 for testing the patch.
Attachment #326946 -
Flags: review?(shimono) → review+
Assignee | ||
Updated•17 years ago
|
Assignee | ||
Comment 10•17 years ago
|
||
tip: Checking in Bugzilla/Attachment/PatchReader.pm; /cvsroot/mozilla/webtools/bugzilla/Bugzilla/Attachment/PatchReader.pm,v <-- PatchReader.pm new revision: 1.6; previous revision: 1.5 done 3.1.4: Checking in Bugzilla/Attachment/PatchReader.pm; /cvsroot/mozilla/webtools/bugzilla/Bugzilla/Attachment/PatchReader.pm,v <-- PatchReader.pm new revision: 1.5.2.1; previous revision: 1.5 done
Status: ASSIGNED → RESOLVED
Closed: 17 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•