From: Amitai Schlair Date: Wed, 15 Oct 2014 21:32:02 +0000 (+0100) Subject: Call CGI->param_fetch instead of CGI->param in array context X-Git-Tag: debian/3.20141016~10 X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/commitdiff_plain/cfbcbda0ad848334640ad849ed618873ecba8eb4?hp=f4ec7b06d97c8406c5f5be7332ead2f28c271371 Call CGI->param_fetch instead of CGI->param in array context CGI->param has the misfeature that it is context-sensitive, and in particular can expand to more than one scalar in function calls. This led to a security vulnerability in Bugzilla, and recent versions of CGI.pm will warn when it is used in this way. In the situations where we do want to cope with more than one parameter of the same name, CGI->param_fetch (which always returns an array-reference) makes the intention clearer. [commit message added by smcv]
---
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index 0224c2aac..f448db6ef 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -122,7 +122,8 @@ sub decode_cgi_utf8 ($) {
 if ($] < 5.01) {
 my $cgi = shift;
 foreach my $f ($cgi->param) {
- $cgi->param($f, map { decode_utf8 $_ } $cgi->param($f));
+ $cgi->param($f, map { decode_utf8 $_ }
+ @{$cgi->param_fetch($f)});
 }
 }
 }
diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm
index fb8a6539e..9bac96fc6 100644
--- a/IkiWiki/Plugin/attachment.pm
+++ b/IkiWiki/Plugin/attachment.pm
@@ -144,7 +144,7 @@ sub formbuilder (@) {
 if ($form->submitted eq "Insert Links") {
 my $page=quotemeta(Encode::decode_utf8(scalar $q->param("page")));
 my $add="";
- foreach my $f ($q->param("attachment_select")) {
+ foreach my $f (@{$q->param_fetch("attachment_select")}) {
 $f=Encode::decode_utf8($f);
 $f=~s/^$page\///;
 if (IkiWiki::isinlinableimage($f) &&
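Review bot: The reason the new lines in decode_cgi_utf8 read the values through `@{$cgi->param_fetch($f)}` rather than `$cgi->param($f)` is recorded only in the commit message, so a later tidy-up could fold it back into the list-context call this commit is removing. Suggest a short why-comment above the `$cgi->param($f, map { decode_utf8 $_ }` line, for example `# param_fetch: CGI->param in list context can expand to several scalars inside a call`, and the same comment at the matching line in the IkiWiki/Plugin/attachment.pm hunk. The `sub decode_cgi_utf8` line and the `if ($] < 5.01)` guard begin before this hunk, so the comment placement should follow the indentation there.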
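Review bot: The new `foreach my $f (@{$q->param_fetch("attachment_select")})` aliases `$f` to the elements of the array that `param_fetch` returns, and the two context lines below assign to it (`$f=Encode::decode_utf8($f);` and `$f=~s/^$page\///;`); if, as CGI.pm documents, `param_fetch` hands back a reference to the stored parameter list, those assignments now rewrite the request's own `attachment_select` values, whereas the old `$q->param(...)` list was a copy. Any later read of that parameter in the same request would then see decoded, prefix-stripped names instead of what the client sent, which is a behaviour change this commit does not mention. Copying before iterating keeps the old semantics: `my @selected = @{$q->param_fetch("attachment_select")};` followed by `foreach my $f (@selected) {`. formbuilder's body starts before this hunk and the loop continues past its last line.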