Item9419: Taint issue related to $web fatal with asserts on

pencil
Priority: Urgent
Current State: Closed
Released In: 1.1.0
Target Release: minor
Applies To: Engine
Component:
Branches:
Reported By: KennethLavrsen
Waiting For:
Last Change By: KennethLavrsen
While debugging another issue I tried to turn asserts on

And just viewing a normal topic gives.

Assertion (web is tainted) failed!
 at /var/www/foswiki/core/lib/Assert.pm line 78
   Assert::ASSERT('undef', 'web is tainted') called at /var/www/foswiki/core/lib/Foswiki.pm line 3562
   Foswiki::topicExists('Foswiki=HASH(0x8b91dfc)', 'Sandbox', 'PatternSkinViewTemplate') called at /var/www/foswiki/core/lib/Foswiki/Templates.pm line 435
   Foswiki::Templates::_readTemplateFile('Foswiki::Templates=HASH(0x9476518)', 'undef', 'pattern', 'Sandbox') called at /var/www/foswiki/core/lib/Foswiki/Templates.pm line 238
   Foswiki::Templates::readTemplate('Foswiki::Templates=HASH(0x9476518)', 'view', 'no_oops', 1) called at /var/www/foswiki/core/lib/Foswiki/UI/View.pm line 226
   Foswiki::UI::View::view('Foswiki=HASH(0x8b91dfc)') called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 310
   Foswiki::UI::__ANON__() called at /usr/lib/perl5/vendor_perl/5.8.8/Error.pm line 415
   eval {...} called at /usr/lib/perl5/vendor_perl/5.8.8/Error.pm line 407
   Error::subs::try('CODE(0x8b2e684)', 'HASH(0x8b91bb0)') called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 429
   Foswiki::UI::_execute('Foswiki::Request=HASH(0x8b3cf74)', 'CODE(0x8b57c58)', 'view', 1) called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 277
   Foswiki::UI::handleRequest('Foswiki::Request=HASH(0x8b3cf74)') called at /var/www/foswiki/core/lib/Foswiki/Engine/CGI.pm line 30
   Foswiki::Engine::CGI::run('Foswiki::Engine::CGI=HASH(0x87b6f1c)') called at /var/www/foswiki/core/bin/view line 24
 at /var/www/foswiki/core/lib/Assert.pm line 78
   Assert::ASSERT('undef', 'web is tainted') called at /var/www/foswiki/core/lib/Foswiki.pm line 3562
   Foswiki::topicExists('Foswiki=HASH(0x8b91dfc)', 'Sandbox', 'PatternSkinViewTemplate') called at /var/www/foswiki/core/lib/Foswiki/Templates.pm line 435
   Foswiki::Templates::_readTemplateFile('Foswiki::Templates=HASH(0x9476518)', 'undef', 'pattern', 'Sandbox') called at /var/www/foswiki/core/lib/Foswiki/Templates.pm line 238
   Foswiki::Templates::readTemplate('Foswiki::Templates=HASH(0x9476518)', 'view', 'no_oops', 1) called at /var/www/foswiki/core/lib/Foswiki/UI/View.pm line 226
   Foswiki::UI::View::view('Foswiki=HASH(0x8b91dfc)') called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 310
   Foswiki::UI::__ANON__() called at /usr/lib/perl5/vendor_perl/5.8.8/Error.pm line 415
   eval {...} called at /usr/lib/perl5/vendor_perl/5.8.8/Error.pm line 407
   Error::subs::try('CODE(0x8b2e684)', 'HASH(0x8b91bb0)') called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 429
   Foswiki::UI::_execute('Foswiki::Request=HASH(0x8b3cf74)', 'CODE(0x8b57c58)', 'view', 1) called at /var/www/foswiki/core/lib/Foswiki/UI.pm line 277
   Foswiki::UI::handleRequest('Foswiki::Request=HASH(0x8b3cf74)') called at /var/www/foswiki/core/lib/Foswiki/Engine/CGI.pm line 30
   Foswiki::Engine::CGI::run('Foswiki::Engine::CGI=HASH(0x87b6f1c)') called at /var/www/foswiki/core/bin/view line 24.

We need to get these taint checks either fixed or removed.

-- KennethLavrsen - 31 Jul 2010

ucfirst was the problem again

-- KennethLavrsen - 01 Aug 2010
 

ItemTemplate edit

Summary Taint issue related to $web fatal with asserts on
ReportedBy KennethLavrsen
Codebase
SVN Range
AppliesTo Engine
Component
Priority Urgent
CurrentState Closed
WaitingFor
Checkins distro:8dfe1298df04
TargetRelease minor
ReleasedIn 1.1.0
Topic revision: r3 - 01 Aug 2010, KennethLavrsen
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy