git.vanrenterghem.biz Git - git.ikiwiki.info.git/commit

]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/commit

projects / git.ikiwiki.info.git / commit

author	Simon McVittie <smcv@debian.org>
	Sat, 11 Oct 2014 08:28:22 +0000 (09:28 +0100)
committer	Simon McVittie <smcv@debian.org>
	Thu, 16 Oct 2014 21:24:47 +0000 (22:24 +0100)
commit	f4ec7b06d97c8406c5f5be7332ead2f28c271371
tree	e4c49055cbf2268321cbd79f13c8eb9762336096	tree \| snapshot
parent	d8943d8668d2489b78d9c7c2abdad9f71d193724	commit \| diff

Make sure we do not pass multiple CGI parameters in function calls

When CGI->param is called in list context, such as in function
parameters, it expands to all the potentially multiple values
of the parameter: for instance, if we parse query string a=b&a=c&d=e
and call func($cgi->param('a')), that's equivalent to func('b', 'c').
Most of the functions we're calling do not expect that.

I do not believe this is an exploitable security vulnerability in
ikiwiki, but it was exploitable in Bugzilla.

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom

IkiWiki/Plugin/attachment.pm		diff \| blob \| history
IkiWiki/Plugin/goto.pm		diff \| blob \| history
IkiWiki/Plugin/inline.pm		diff \| blob \| history
IkiWiki/Plugin/openid.pm		diff \| blob \| history
IkiWiki/Plugin/poll.pm		diff \| blob \| history
IkiWiki/Plugin/rename.pm		diff \| blob \| history