[Koha-bugs] [Bug 15747] Auth.pm flooding error log with "CGI::param called in list context"
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Feb 12 11:54:01 CET 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15747
Marcel de Rooy <m.de.rooy at rijksmuseum.nl> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #47903|0 |1
is obsolete| |
--- Comment #3 from Marcel de Rooy <m.de.rooy at rijksmuseum.nl> ---
Created attachment 47960
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=47960&action=edit
Bug 15747 Auth.pm flooding error log with "CGI::param called in list context"
TEST PLAN
---------
1) git checkout -b bug_15747 origin/master
2) echo > ~/koha-dev/var/log/koha-error_log
3) open up staff interface and log in.
4) cat ~/koha-dev/var/log/koha-error_log
*** BEGIN SNIP ***
[Thu Feb 11 09:49:43.627711 2016] [cgi:error] [pid 2132] [client
192.168.71.222:51107] AH01215: [Thu Feb 11 09:49:43 2016] mainpage.pl:
CGI::param called in list context from package C4::Auth line 401, this can lead
to vulnerabilities. See the warning in "Fetching the value or values of a
single named parameter" at /usr/share/perl5/CGI.pm line 436., referer:
http://library-admin.debiankoha.ca/
*** END SNIP ***
5) logout
6) apply patch
7) echo > ~/koha-dev/var/log/koha-error_log
8) log back in.
9) cat ~/koha-dev/var/log/koha-error_log
-- this time should not be there.
10) koha qa test tools
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
Warning probably depends on the version of perl/CGI.
But this clearly makes it a scalar.
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list