Call CGI->param_fetch instead of CGI->param in array context
authorAmitai Schlair <schmonz-web-ikiwiki@schmonz.com>
Wed, 15 Oct 2014 21:32:02 +0000 (22:32 +0100)
committerSimon McVittie <smcv@debian.org>
Thu, 16 Oct 2014 21:24:47 +0000 (22:24 +0100)
CGI->param has the misfeature that it is context-sensitive, and in
particular can expand to more than one scalar in function calls.
This led to a security vulnerability in Bugzilla, and recent versions
of CGI.pm will warn when it is used in this way.

In the situations where we do want to cope with more than one parameter
of the same name, CGI->param_fetch (which always returns an
array-reference) makes the intention clearer.

[commit message added by smcv]

IkiWiki/CGI.pm
IkiWiki/Plugin/attachment.pm

index 0224c2aac34d442c47b04e80d13a06db083fa8e2..f448db6ef8a213fa84d57f72ad236569c510d304 100644 (file)
@@ -122,7 +122,8 @@ sub decode_cgi_utf8 ($) {
        if ($] < 5.01) {
                my $cgi = shift;
                foreach my $f ($cgi->param) {
        if ($] < 5.01) {
                my $cgi = shift;
                foreach my $f ($cgi->param) {
-                       $cgi->param($f, map { decode_utf8 $_ } $cgi->param($f));
+                       $cgi->param($f, map { decode_utf8 $_ }
+                               @{$cgi->param_fetch($f)});
                }
        }
 }
                }
        }
 }
index fb8a6539eac53fd66c85e4c98c09bfb1dbf71bb7..9bac96fc6e0fe59363200b90bc49dd39eccd8dcf 100644 (file)
@@ -144,7 +144,7 @@ sub formbuilder (@) {
        if ($form->submitted eq "Insert Links") {
                my $page=quotemeta(Encode::decode_utf8(scalar $q->param("page")));
                my $add="";
        if ($form->submitted eq "Insert Links") {
                my $page=quotemeta(Encode::decode_utf8(scalar $q->param("page")));
                my $add="";
-               foreach my $f ($q->param("attachment_select")) {
+               foreach my $f (@{$q->param_fetch("attachment_select")}) {
                        $f=Encode::decode_utf8($f);
                        $f=~s/^$page\///;
                        if (IkiWiki::isinlinableimage($f) &&
                        $f=Encode::decode_utf8($f);
                        $f=~s/^$page\///;
                        if (IkiWiki::isinlinableimage($f) &&