Foswiki on GitHub is open for business! Next release meeting: Monday September 1, 1300Z

Item9140: Sandbox::sysCommand template parsing

Priority: CurrentState: AppliesTo: Component: WaitingFor:
Normal Closed Engine Sandbox  
Foswiki::Sandbox::sysCommand incorrectly parses the template. Namely, in the following code:
    # Implicit untaint OK; $template is safe
    $template =~ /(^.*?)\s+(.*)$/;
    my $path  = $1;
    my $pTmpl = $2;
the regexp fails if the $template contains no spaces (e.g. a program call without arguments), so that $path and $pTmpl are filled with arbitrary junk from a previous regexp matched somewhere else.

By the way, why ^ is inside the parentheses?

-- MikhailRyazanov - 11 Jun 2010

No particular reason. Doesn't actually matter.

Thanks for spotting this one - fixed in trunk.

-- CrawfordCurrie - 11 Jun 2010

 

ItemTemplate edit

Summary Sandbox::sysCommand template parsing
ReportedBy MikhailRyazanov
Codebase 1.0.9
SVN Range
AppliesTo Engine
Component Sandbox
Priority Normal
CurrentState Closed
WaitingFor
Checkins Foswikirev:7723
TargetRelease minor
ReleasedIn 1.1.0
Topic revision: r4 - 04 Oct 2010, KennethLavrsen
 
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons License