• Do not register here on develop.twiki.org, login with your twiki.org account.
• Use View topic Item7848 for generic doc work for TWiki-6.1.1. Use View topic Item7851 for doc work on extensions that are not part of a release. More... Close
• Anything you create or change in standard webs (Main, TWiki, Sandbox etc) will be automatically reverted on every SVN update.
Does this site look broken?. Use the LitterTray web for test cases.

Item5804: Can kill code by appending odd url params (trunk only)

Item Form Data

AppliesTo: Component: Priority: CurrentState: WaitingFor: TargetRelease ReleasedIn
Engine   Urgent Closed TWiki:Main.SvenDowideit n/a 5.0.0

Edit Form Data

Summary:
Reported By:
Codebase:
Applies To:
Component:
Priority:
Current State:
Waiting For:
Target Release:
Released In:
 

Detail

for example:

http://develop.twiki.org/~twiki4/cgi-bin/view/Bugs?as

gets you:

Software error:

Use of uninitialized value in substitution (s///) at /home/twiki4/twikisvn/core/lib/TWiki.pm line 2401.

For help, please send mail to the webmaster (root@localhost), giving this error message and the time and date of the error.
Software error:

[Tue Jul 22 04:19:46 2008] view: Use of uninitialized value in substitution (s///) at /home/twiki4/twikisvn/core/lib/TWiki.pm line 2401.
 at /usr/lib/perl5/5.8.5/CGI/Carp.pm line 314
   CGI::Carp::realdie('[Tue Jul 22 04:19:46 2008] view: Use of uninitialized value i...') called at /usr/lib/perl5/5.8.5/CGI/Carp.pm line 400
   CGI::Carp::die('Use of uninitialized value in substitution (s///) at /home/tw...') called at /home/twiki4/twikisvn/core/lib/TWiki.pm line 165
   TWiki::__ANON__('Use of uninitialized value in substitution (s///) at /home/tw...') called at /home/twiki4/twikisvn/core/lib/TWiki.pm line 2401
   TWiki::urlEncode('undef') called at /home/twiki4/twikisvn/core/lib/TWiki/Request.pm line 227
   TWiki::Request::queryString('TWiki::Request=HASH(0x9a8c90c)') called at /home/twiki4/twikisvn/core/lib/TWiki/Request.pm line 276
   TWiki::Request::url('TWiki::Request=HASH(0x9a8c90c)') called at /home/twiki4/twikisvn/core/lib/TWiki/LoginManager.pm line 286
   TWiki::LoginManager::loadSession('TWiki::LoginManager::ApacheLogin=HASH(0x9d48740)', 'undef') called at /home/twiki4/twikisvn/core/lib/TWiki/Users.pm line 110
   TWiki::Users::new('TWiki::Users', 'TWiki=HASH(0x97768d8)') called at /home/twiki4/twikisvn/core/lib/TWiki.pm line 1302
   TWiki::new('TWiki', 'undef', 'TWiki::Request=HASH(0x9a8c90c)', 'HASH(0x99571a4)') called at /home/twiki4/twikisvn/core/lib/TWiki/UI.pm line 169
   TWiki::UI::execute('TWiki::Request=HASH(0x9a8c90c)', 'CODE(0x9af6b30)', 'view', 1) called at /home/twiki4/twikisvn/core/lib/TWiki/UI.pm line 125
   TWiki::UI::handleRequest('TWiki::Request=HASH(0x9a8c90c)') called at /home/twiki4/twikisvn/core/lib/TWiki/Engine/CGI.pm line 48
   TWiki::Engine::CGI::run('TWiki::Engine::CGI=HASH(0x99b99c4)') called at view line 43

For help, please send mail to the webmaster (root@localhost), giving this error message and the time and date of the error. 

-- TWiki:Main/SvenDowideit - 22 Jul 2008

There is two places where this problem appears:

  • TWiki::Request::queryString - could send undef value to TWiki::urlEncode
  • TWiki::urlEncode - doesn't check if $text is defined

I think both "problems" could be fixed.

-- TWiki:Main.GilmarSantosJr - 22 Jul 2008

I've fixed only the first (that solved the issue reported). What about the second point?

-- TWiki:Main.GilmarSantosJr - 22 Jul 2008

The issue seems to be fixed.. could not recreate it on trunk code-so closing this.

-- TWiki:Main.SopanShewale - 16 Jul 2009

ItemTemplate
Summary Can kill code by appending odd url params (trunk only)
ReportedBy TWiki:Main.SvenDowideit
Codebase ~twiki4
SVN Range TWiki-5.0.0, Mon, 21 Jul 2008, build 17093
AppliesTo Engine
Component

Priority Urgent
CurrentState Closed
WaitingFor TWiki:Main.SvenDowideit
Checkins TWikirev:17102
TargetRelease n/a
ReleasedIn 5.0.0
Edit | Attach | Watch | Print version | History: r7 < r6 < r5 < r4 < r3 | Backlinks | Raw View |  Raw edit | More topic actions
Topic revision: r7 - 2009-07-16 - SopanShewale
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback