
Since the same topic can be included repeatedly with different parameters, it is possible to code an infinite TWikiML loop where the arguments to the INCLUDE are recursive as well:

%<nop>INCLUDE{"%TOPIC%" ARG="%ARG% more more more"}%

This leads to a DoS of your TWiki server. Perl recognizes a deep recursion but will not die.

So I added a fix that limits recursive INCLUDES to a certain amount even though arguments might change.

Fixed in SVN 6959.


Summary: denial of service attack using recursive INCLUDEs
ReportedBy: MichaelDaum
AppliesTo: Engine
Priority: Urgent
CurrentState: Closed
Checkins: 6959 6963
Topic revision: r2 - 2005-10-10 - MichaelDaum
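
Added example, not TWiki's code and not the fix from the checkins above: a toy expander showing why a guard keyed on (topic, arguments) never fires for the INCLUDE in this report, while a plain depth counter stops it. The regex, `MAX_INCLUDE_DEPTH`, `RUNAWAY_CAP` and the sample topics are assumptions made for the illustration.

```python
import re

# Simplified model of %INCLUDE{"Topic" ARG="..."}% (assumption: a single ARG parameter).
INCLUDE_RE = re.compile(r'%INCLUDE\{"(?P<topic>[^"]+)"(?:\s+ARG="(?P<arg>[^"]*)")?\}%')
MAX_INCLUDE_DEPTH = 8   # hypothetical value; the report only says "a certain amount"
RUNAWAY_CAP = 100       # keeps this demo finite when the guard under test fails

TOPICS = {  # constructed sample topics
    "Loop": '%INCLUDE{"%TOPIC%" ARG="%ARG% more more more"}%',
    "Main": 'A %INCLUDE{"Part" ARG="x"}% %INCLUDE{"Part" ARG="y"}%',
    "Part": "[%ARG%]",
}


class IncludeLimitExceeded(Exception):
    """Raised when a guard refuses to expand another INCLUDE."""


def expand(topics, name, arg="", depth=0, seen=frozenset(), guard="depth", stats=None):
    """Expand INCLUDEs in topics[name]; stats["calls"] counts expansions."""
    stats = stats if stats is not None else {"calls": 0}
    stats["calls"] += 1
    if stats["calls"] > RUNAWAY_CAP:
        raise RuntimeError("runaway expansion")
    if guard == "depth" and depth > MAX_INCLUDE_DEPTH:
        raise IncludeLimitExceeded(name)      # bounds nesting whatever the arguments are
    key = (name, arg)
    if guard == "seen" and key in seen:
        raise IncludeLimitExceeded(name)      # only catches an exact repeat
    text = topics[name].replace("%TOPIC%", name).replace("%ARG%", arg)

    def include(match):
        return expand(topics, match.group("topic"), match.group("arg") or "",
                      depth + 1, seen | {key}, guard, stats)

    return INCLUDE_RE.sub(include, text)


def outcome(guard, name="Loop"):
    """Return (rendered text or exception name, number of expansions)."""
    stats = {"calls": 0}
    try:
        return expand(TOPICS, name, guard=guard, stats=stats), stats["calls"]
    except (IncludeLimitExceeded, RuntimeError) as exc:
        return type(exc).__name__, stats["calls"]
```

Because ARG grows on every pass, the `seen` guard sees a new key each time and only the demo's cap ends the run; the depth guard stops after a fixed number of expansions and still lets the same topic be included twice with different arguments.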