ikiwiki/doc/bugs/prune_causing_taint_mode_fa...

36 lines
1.1 KiB
Plaintext
Raw Normal View History

Using ikiwiki version 2.5gpa1 (the backport to Debian 3.1), I suddenly started getting the following error when rebuilding the wiki:
<pre>
successfully generated /home/ikiwiki/cgi-bin/ikiwiki.cgi
Insecure dependency in rmdir while running with -T switch at /usr/share/perl5/IkiWiki/Render.pm line 242.
BEGIN failed--compilation aborted at (eval 5) line 130.
</pre>
I've no idea what's happening (hey, I'm a C programmer), but I've hacked prune() to workaround this as follows:
<pre>
2007-08-21 08:23:07 +02:00
use Scalar::Util qw(tainted);
sub prune ($) {
my $file=shift;
unlink($file);
my $dir=dirname($file);
if (!tainted($file) && $dir =~ /^(.*)$/) {
$dir = $1;
}
while (rmdir($dir)) {
$dir=dirname($dir);
if (!tainted($file) && $dir =~ /^(.*)$/) {
$dir = $1;
}
}
}
2007-08-21 09:16:02 +02:00
</pre>
> Old versions of perl are known to have bugs with taint checking.
> I don't really support using ikiwiki with the perl 5.8.4 in debian
> oldstable, and would recommend upgrading. --[[Joey]]
[[!tag patch done]]