You are here: Foswiki>Tasks Web>Item545 (22 Dec 2008, CrawfordCurrie)Edit Attach

Item545: Viewing a topic with a form fails taint test

pencil
Priority: Urgent
Current State: Closed
Released In: 1.0.0
Target Release: patch
Applies To: Engine
Component:
Branches:
Reported By: Foswiki:Main.KennethLavrsen
Waiting For:
Last Change By: CrawfordCurrie
Viewing a topic with a form fails taint test

Assertion failed!
 at /var/www/foswiki/core/lib/Assert.pm line 64
   Assert::ASSERT('undef') called at /var/www/foswiki/core/lib/Foswiki/Store/RcsFile.pm line 843
   Foswiki::Store::RcsFile::readFile('Foswiki::Store::RcsWrap=HASH(0xa0ffdb0)', '/var/www/foswiki/core/data/Myweb/BugReportForm.txt') called at /var/www/foswiki/core/lib/Foswiki/Store/RcsFile.pm line 192
   Foswiki::Store::RcsFile::getLatestRevision('Foswiki::Store::RcsWrap=HASH(0xa0ffdb0)') called at /var/www/foswiki/core/lib/Foswiki/Store.pm line 261
   Foswiki::Store::readTopicRaw('Foswiki::Store=HASH(0x91527b0)', 'KennethLavrsen', 'Myweb', 'BugReportForm', 'undef') called at /var/www/foswiki/core/lib/Foswiki/Store.pm line 123
   Foswiki::Store::readTopic('Foswiki::Store=HASH(0x91527b0)', 'KennethLavrsen', 'Myweb', 'BugReportForm', 'undef') called at /var/www/foswiki/core/lib/Foswiki/Form.pm line 87
   Foswiki::Form::new('Foswiki::Form', 'Foswiki=HASH(0x8d076c0)', 'Myweb', 'BugReportForm') called at /var/www/foswiki/core/lib/Foswiki/Meta.pm line 651
   Foswiki::Meta::renderFormForDisplay('Foswiki::Meta=HASH(0x9cbb214)', 'Foswiki::Templates=HASH(0x9271d4c)') called at /var/www/foswiki/core/lib/Foswiki.pm line 4161
   Foswiki::META('Foswiki=HASH(0x8d076c0)', 'Foswiki::Attrs=HASH(0xa10044c)', 'LostFormTest', 'Myweb', 'Foswiki::Meta=HASH(0x9cbb214)') called at /var/www/foswiki/core/lib/Foswiki.pm line 2774
   Foswiki::_expandTagOnTopicRendering('Foswiki=HASH(0x8d076c0)', 'META', '"form"', 'LostFormTest', 'Myweb', 'Foswiki::Meta=HASH(0x9cbb214)') called at /var/www/foswiki/core/lib/Foswiki.pm line 2679
   Foswiki::_processTags('Foswiki=HASH(0x8d076c0)', ' %IF{"$raw=\'on\'" then=\'<div class="patternSigLine"><span c...', 'CODE(0x9086024)', 16, 'LostFormTest', 'Myweb', 'Foswiki::Meta=HASH(0x9cbb214)') called at /var/www/foswiki/core/lib/Foswiki.pm line 2597
   Foswiki::expandAllTags('Foswiki=HASH(0x8d076c0)', 'SCALAR(0x913aa0c)', 'LostFormTest', 'Myweb', 'Foswiki::Meta=HASH(0x9cbb214)') called at /var/www/foswiki/core/lib/Foswiki.pm line 2953
   Foswiki::handleCommonTags('Foswiki=HASH(0x8d076c0)', ' %IF{"$raw=\'on\'" then=\'<div class="patternSigLine"><span c...', 'Myweb', 'LostFormTest', 'Foswiki::Meta=HASH(0x9cbb214)') called at /var/www/foswiki/core/lib/Foswiki/UI/View.pm line 400
   Foswiki::UI::View::_prepare(' %IF{"$raw=\'on\'" then=\'<div class="patternSigLine"><span c...', 'Foswiki=HASH(0x8d076c0)', 'Myweb', 'LostFormTest', 'Foswiki::Meta=HASH(0x9cbb214)', 0) called at /var/www/foswiki/core/lib/Foswiki/UI/View.pm line 386
   Foswiki::UI::View::view('Foswiki=HASH(0x8d076c0)') called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 178
   Foswiki::UI::__ANON__() called at /usr/lib/perl5/vendor_perl/5.8.8/Error.pm line 415
   eval {...} called at /usr/lib/perl5/vendor_perl/5.8.8/Error.pm line 407
   Error::subs::try('CODE(0x9c25c50)', 'HASH(0x9db2540)') called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 246
   Foswiki::UI::execute('Foswiki::Request=HASH(0x9118a0c)', 'CODE(0x9114a48)', 'view', 1) called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 120
   Foswiki::UI::handleRequest('Foswiki::Request=HASH(0x9118a0c)') called at /var/www/foswiki/core/lib/Foswiki/Engine/CGI.pm line 26
   Foswiki::Engine::CGI::run('Foswiki::Engine::CGI=HASH(0x8f0e058)') called at /var/www/foswiki/core/bin/view line 42.

I bellieve I have fixed this

C.

ItemTemplate edit

Summary Viewing a topic with a form fails taint test
ReportedBy Foswiki:Main.KennethLavrsen
Codebase trunk
SVN Range TWiki-4.2.3, Wed, 06 Aug 2008, build 17396
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins distro:34efbda2f306
TargetRelease patch
ReleasedIn 1.0.0
Topic revision: r3 - 22 Dec 2008, CrawfordCurrie
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy