Item1781: Uploading files can trigger taint errors if certain plugins are installed

pencil
Priority: Normal
Current State: Closed
Released In: 1.0.7
Target Release: patch
Applies To: Engine
Component:
Branches:
Reported By: KennethLavrsen
Waiting For:
Last Change By: KennethLavrsen
This bug requires

  • That you have a perl of a version that has a buggy CPAN lib
  • That you have a plugin that uses beforeAttachmentSaveHandler
  • You are born under an unlucky star

But none the less, it has been seen and should be fixed.

The fix is to avoid using the buggy CPAN lib which is actually also documented as not a good idea to use.

And instead use a more proven CPAN lib from the standard set distributed with perl

-- KennethLavrsen - 30 Jun 2009

Reopening.

There is an error in the unit tests.

-- KennethLavrsen - 01 Jul 2009

ItemTemplate edit

Summary Uploading files can trigger taint errors if certain plugins are installed
ReportedBy KennethLavrsen
Codebase 1.0.6
SVN Range Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo Engine
Component
Priority Normal
CurrentState Closed
WaitingFor
Checkins distro:c700cc5ddc6d distro:8c286647db10 distro:8753cab21570 distro:e1fe1695f82b distro:4faf970947b4
TargetRelease patch
ReleasedIn 1.0.7
Topic revision: r9 - 20 Sep 2009, KennethLavrsen
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy