You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Tobias Hoellrich <th...@Adobe.COM> on 2000/08/01 21:42:47 UTC
Shouldn't we escape this regexp?
On one of my web server I ran several times into an issue where I received
an internal server error in Registry.pm under certain conditions. The
error_log says:
[Tue Aug 1 12:15:53 2000] [error] //VJ++.pdf$/: nested *?+ in regexp at
/usr/local2/lib/perl5/site_perl/5.6.0/sun4-solaris/Apache/Registry.pm line 65.
And the offending line in mod_perl 1.23's Registry.pm is:
my $script_name = $path_info && $uri =~ /$path_info$/ ?
substr($uri, 0, length($uri)-length($path_info)) :
$uri;
I run into this situation after constructing a URL which contains a
filename-hint as path_info() (to make it easier for Browsers to figure out
the filename they display in the Save As ... dialog box). In this case the
URL generated was:
http://myserver.com/somescript.pl/VJ%2B%2B.pdf?somearg=somevalue
(Note: If you happen to see "+" in the URL above it means that your
mail-program or my mail-program unescaped the %2B in the original URL)
When the users clicks on this link - boom - above error appears in my log
file and the user sees an "internal error".
I guess we should really escape the path_info() matching and make sure that
perl treats it as a non-regexp string only.
The patch below fixes 1.24 for me and the error has disappeared since then.
Hmmm - I guess I should check all the other places where something like
this may cause troubles ...
Cheers
Tobias
*** Registry.pm.org Tue Aug 1 12:28:58 2000
--- Registry.pm Tue Aug 1 12:29:23 2000
***************
*** 62,68 ****
$r->log_error(sprintf "Apache::Registry::handler examining %s",
$uri) if $Debug && $Debug & 4;
my $path_info = $r->path_info;
! my $script_name = $path_info && $uri =~ /$path_info$/ ?
substr($uri, 0, length($uri)-length($path_info)) :
$uri;
--- 62,68 ----
$r->log_error(sprintf "Apache::Registry::handler examining %s",
$uri) if $Debug && $Debug & 4;
my $path_info = $r->path_info;
! my $script_name = $path_info && $uri =~ /\Q$path_info$\E/ ?
substr($uri, 0, length($uri)-length($path_info)) :
$uri;