binmode($in) if ($binary);
return \*$in if $wantfd;
my $ret=<$in>;
+ # check for invalid utf-8, and toss it back to avoid crashes
+ if (! utf8::valid($ret)) {
+ $ret=encode_utf8($ret);
+ }
close $in || error("failed to read $file: $!");
return $ret;
} #}}}
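Review bot: the new `if (! utf8::valid($ret))` branch changes what the function returns without recording it. After `encode_utf8($ret)` the caller gets an encoded byte string instead of decoded characters, and nothing names the `$file` that triggered it. Consider logging a message that includes `$file` inside the branch, so an operator can find the malformed page. The comment "toss it back" could also be expanded to say that the data is returned as bytes. Confirm that `encode_utf8` is imported in this module, since the visible lines do not show it. Separately, on the unchanged line `close $in || error(...)`, `||` binds tighter than `close`, so the `error` call is never reached; `or` would give the intended behaviour.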
+ikiwiki (2.70) unstable; urgency=low
+
+ * Avoid crash on malformed utf-8 discovered by intrigeri.
+
+ -- Joey Hess <joeyh@debian.org> Wed, 12 Nov 2008 17:45:58 -0500
+
ikiwiki (2.69) unstable; urgency=low
* Avoid multiple ikiwiki cgi processes piling up, eating all memory,
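Review bot: the 2.70 entry "Avoid crash on malformed utf-8 discovered by intrigeri." does not say this is a security fix, although the security page in this same change files it under "Malformed UTF-8 DOS". Someone scanning the changelog for security-relevant uploads would miss it. Suggest wording the entry to mention the denial of service, and reconsidering `urgency=low` for a fix the security page describes as remotely triggerable through page sources.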
+++ /dev/null
-ikiwiki 2.65 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * aggregate: Expire excess or old items on the same pass that adds them,
- not only on subsequent passes.
- * editdiff: Broken since 2.62 due to wrong syntax, now fixed.
- * aggregate: Support atom feeds with only a summary element, and no content
- elements.
- * progress: Display an error if the progress cannot be parsed, and allow
- the percent parameter to only optionally end with "%".
- * Fix reversion in use of ikiwiki -verbose -setup with a setup file that
- enables syslog. Setup output is once again output to stdout in this
- case.
- * edittemplate: Default new page file type to the same type as the template.
- (willu)
- * edittemplate: Add "silent" parameter. (Willu)
- * edittemplate: Link to template, to allow creating it. (Willu)
- * editpage: Add a missing check that the page name contains only legal
- characters, in addition to the existing check for pruned filenames.
- * Print a debug message if a page has multiple source files.
- * Add keepextension parameter to htmlize hook. (Willu)
- * rename, remove: Don't rely on a form parameter to tell whether the page
- should be treated as an attachment.
- * rename: Add support for moving SubPages of a page when renaming it.
- (Sponsored by The TOVA Company.)
- * rename: Hide type field from rename form when renaming attachments."""]]
\ No newline at end of file
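Review bot: deleting the 2.65 news entry is unrelated to the UTF-8 fix described in the changelog hunk. Bundling it with a security fix makes the change harder to backport cleanly to the testing and stable versions named on the security page. Suggest splitting this removal into its own commit.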
I recommend upgrading to 2.48 immediatly if your wiki allows both password
and openid logins.
+
+## Malformed UTF-8 DOS
+
+Feeding ikiwiki page sources containing certian forms of malformed UTF-8
+can cause it to crash. This can potentially be used for a denial of service
+attack.
+
+intrigeri discovered this problem on 12 Nov 2008 and a patch put in place
+later that day, in version 2.70. The fix was backported to testing as version
+2.53.2, and to stable as version 1.33.7.
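Review bot: the new "Malformed UTF-8 DOS" section has a typo in "certian", and "and a patch put in place" is missing "was". More substantively, it says "page sources" without stating which input paths are affected, so a reader cannot tell whether only users with commit access or also web editors can trigger the crash. Suggest adding one sentence on who can supply the malformed input, and a link to the fixing commit alongside the 2.70, 2.53.2 and 1.33.7 version numbers.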