Item9140: Sandbox::sysCommand template parsing

Priority: Normal
Current State: Closed
Released In: 1.1.0
Target Release: minor
Applies To: Engine
Component: Sandbox
Reported By: MikhailRyazanov
Waiting For:
Last Change By: KennethLavrsen
Foswiki::Sandbox::sysCommand incorrectly parses the template. Namely, in the following code:
    # Implicit untaint OK; $template is safe
    $template =~ /(^.*?)\s+(.*)$/;
    my $path  = $1;
    my $pTmpl = $2;
the regexp fails if the $template contains no spaces (e.g. a program call without arguments), so that $path and $pTmpl are filled with arbitrary junk from a previous regexp matched somewhere else.

By the way, why ^ is inside the parentheses?

-- MikhailRyazanov - 11 Jun 2010

No particular reason. Doesn't actually matter.

Thanks for spotting this one - fixed in trunk.

-- CrawfordCurrie - 11 Jun 2010


ItemTemplate edit

Summary Sandbox::sysCommand template parsing
ReportedBy MikhailRyazanov
Codebase 1.0.9
SVN Range
AppliesTo Engine
Component Sandbox
Priority Normal
CurrentState Closed
Checkins distro:eb3438fb7749
TargetRelease minor
ReleasedIn 1.1.0
Topic revision: r4 - 04 Oct 2010, KennethLavrsen
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy