Foswiki on GitHub is open for business! Next release meeting: Monday Nov. 17, 1300Z

Item1781: Uploading files can trigger taint errors if certain plugins are installed

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Normal Closed Engine    
This bug requires

  • That you have a perl of a version that has a buggy CPAN lib
  • That you have a plugin that uses beforeAttachmentSaveHandler
  • You are born under an unlucky star

But none the less, it has been seen and should be fixed.

The fix is to avoid using the buggy CPAN lib which is actually also documented as not a good idea to use.

And instead use a more proven CPAN lib from the standard set distributed with perl

-- KennethLavrsen - 30 Jun 2009

Reopening.

There is an error in the unit tests.

-- KennethLavrsen - 01 Jul 2009

ItemTemplate edit

Summary Uploading files can trigger taint errors if certain plugins are installed
ReportedBy KennethLavrsen
Codebase 1.0.6
SVN Range Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo Engine
Component
Priority Normal
CurrentState Closed
WaitingFor
Checkins distro:c700cc5ddc6d distro:8c286647db10 distro:8753cab21570 distro:e1fe1695f82b distro:4faf970947b4
TargetRelease patch
ReleasedIn 1.0.7
Topic revision: r9 - 20 Sep 2009, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License