From 5a734d59115a38312ff739baacbc528dcfebba28 Mon Sep 17 00:00:00 2001 From: joey Date: Sat, 16 Sep 2006 15:30:18 +0000 Subject: [PATCH 1/1] web commit by JamesWestby --- doc/patchqueue/various_fixes.mdwn | 49 +++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/doc/patchqueue/various_fixes.mdwn b/doc/patchqueue/various_fixes.mdwn index 8de4974e4..81cb6c592 100644 --- a/doc/patchqueue/various_fixes.mdwn +++ b/doc/patchqueue/various_fixes.mdwn 
@@ -36,6 +36,21 @@ sure what the CGI was running under. > Can you reproduce the problem running svn info outside of ikiwiki? > --[[Joey]] +>> I've now managed to reproduce the problem. I'll try and give some more information. +>> When going to the Recent Changes link I get + + [Sat Sep 16 15:16:08 2006] [error] [client xxxx] svn: Can't check path '/home/jw2328/.subversion': Permission denied, referer: http://xxxxx/test/sandbox.html + [Sat Sep 16 15:16:08 2006] [error] [client xxxx] Use of uninitialized value in concatenation (.) or string at /usr/lib/perl5/site_perl/5.8.3/IkiWiki/Rcs/svn.pm line 145., referer: http://xxxx/test/sandbox.html + [Sat Sep 16 15:16:08 2006] [error] [client xxxxx] svn: Can't check path '/home/jw2328/.subversion': Permission denied, referer: http://xxxx/test/sandbox.html + [Sat Sep 16 15:16:09 2006] [error] [client xxxx] File does not exist: at /usr/lib/perl5/site_perl/5.8.3/IkiWiki/Rcs/svn.pm line 145, referer: http://xxxx/test/sandbox.html + [Sat Sep 16 15:16:09 2006] [error] [client xxxx] Premature end of script headers: ikitest, referer: http://xxxx/test/sandbox.html + +>> which the $svn_url is causing the uninitialised value, due to the +>> LANG=C it seems, as if I remove it it goes away. +>> The file does not exist is due to the unreadable .subversion. +>> echoing the LANG before it is set shows that the variable is normally +>> empty for the user that is running it. + The second removes problems with cannot access /home/$user/.svnsomething in the logs. I think this problem was also fatal (I should have reported these sooner). 
@@ -57,6 +72,15 @@ much help I'm afraid. > > What's the error message? --[[Joey]] +>> `svn: Can't check path '/home/jw2328/.subversion': Permission denied,` +>> where jw2328 is my usual user. +>> I have restrictive permissions of 0700 on home dirs on the server, +>> and the CGI is running as uid apache, euid root. (Not my setup anymore). +>> The way I had it set up, was jw2328 owning thesource dir, and the svn repo, +>> with g+sw on them both. I ran sudo ikiwiki --setup though, as I was reluctant +>> to adjust permissions on my cgi-dir. This seems to be the root of the +>> problem. + ---- --- IkiWiki/Plugin/search.pm @@ -78,6 +102,8 @@ you. > This should be made configurable via an option in %IkiWiki::config, > the search plugin could register a getopt hook to handle it. --[[Joey]] +>> Like this? + ---- --- IkiWiki.pm @@ -133,6 +159,27 @@ informative if that code path is ever taken, but I hope that it never is. > > --[[Joey]] +>> It seems like it is always the (with instrumentation) + + elsif ($word =~ /^(link|backlink|created_before|created_after|creation_month|creation_year|creation_day)\((.+)\)$/) { + warn("\$1 tainted=".tainted($1).", \$2 tainted=".tainted($2)." \$code tainted=".tainted($code)); + $code.=" match_$1(\$page, ".safequote($2).")"; + warn("\$1 tainted=".tainted($1).", \$2 tainted=".tainted($2)." \$code tainted=".tainted($code)); + warn("safequote tainted=".tainted(safequote($2))); + } + +>> bit that causes it. With the following trace: + + $1 tainted=0, $2 tainted=0 $code tainted=0 at IkiWiki.pm line 718. + $1 tainted=0, $2 tainted=0 $code tainted=1 at IkiWiki.pm line 720. + safequote tainted=0 at IkiWiki.pm line 721. + +>> which shows that `$code` appears to become tainted from nowhere. +>> +>> is what pointed me to find the problem/workaround. + + + ---- As for backports there is a problem with the sarge version of libcgi-session-perl 
@@ -145,6 +192,8 @@ bug if anyone actually uses my sslcookie option except me. > May as well, done --[[Joey]] +>> Thanks. + As for backports I managed with * ikiwiki_1.26 -- 2.45.0
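Review bot: In the hunk at @@ -36,6 +36,21, the added explanation attributes the uninitialised `$svn_url` to `LANG=C`, but the quoted log does not separate that from the permission failure. Each "Use of uninitialized value" and "File does not exist" message at svn.pm line 145 directly follows `svn: Can't check path '/home/jw2328/.subversion': Permission denied`. Suggest adding the output of the svn command run by hand as the CGI user, once with and once without `LANG=C`, which would also answer the question quoted just above the hunk ("Can you reproduce the problem running svn info outside of ikiwiki?").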
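Review bot: In the hunk at @@ -57,6 +72,15, the security-relevant detail is stated but not resolved. The text says the CGI runs as "uid apache, euid root" after `sudo ikiwiki --setup`, while svn still looks in '/home/jw2328/.subversion' under a 0700 home directory, and the reply ends at "This seems to be the root of the problem" without saying what the setup should be instead. Suggest stating which user the setup should be run as so that the CGI does not run with euid root, and which directories that user must be able to read. Also, "thesource dir" is missing a space.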
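Review bot: In the hunk at @@ -133,6 +159,27, the closing lines are an empty "+>>" followed by "+>> is what pointed me to find the problem/workaround.", which leaves the sentence without a subject, so the reference that explains the workaround is missing; add the link or the name of what was consulted. The instrumented `elsif` block calls `tainted()`, but the hunk does not say where that function is imported from, which is needed to reproduce the trace at IkiWiki.pm lines 718 to 721. The three trailing blank "+" lines before "----" can be dropped.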