[Koha-devel] Using unsanitized data in regular expressions

David Cook dcook at prosentient.com.au
Fri Mar 8 06:33:43 CET 2019 

Thanks, Victor. Yeah, it’s certainly related. It’s the same block of code. If the “Lower left X coordinate” plus the length of the string is wider than the template width, it’ll try to line wrap the string.

 

Bug 22462 fixes an issue with the line wrapping, but your issue will still happen. 

 

I figure one solution might be to add some sanity checks to fail early (e.g. “Lower left X coordinate” is wider than the template width, the string doesn’t contain characters that can be used for breaking the string for line wrapping, etc.)

 

David Cook

Systems Librarian

Prosentient Systems

72/330 Wattle St

Ultimo, NSW 2007

Australia

 

Office: 02 9212 0899

Direct: 02 8005 0595

 

From: koha-devel-bounces at lists.koha-community.org [mailto:koha-devel-bounces at lists.koha-community.org] On Behalf Of Katrin Fischer
Sent: Friday, 8 March 2019 6:40 AM
To: koha-devel at lists.koha-community.org
Subject: Re: [Koha-devel] Using unsanitized data in regular expressions

 

Hi Victor,

did you see

 <https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22462> Bug 22462 - Crash in patron card printing ?

Katrin



On 07.03.19 11:22, Victor Grousset wrote:



On 19-03-07 06:43, David Cook wrote: 



This one is problematic because it's inability to work can cause infinite loops which can bring down web servers or potentially even entire servers. 
C4/Patroncards/Patroncard.pm:                $line =~ s/$1//; 


Indeed, because the process won't timeout and it will take on Starman worker forever (when it's used) 





I'm just thinking that maybe we should be more careful with what we're feeding into regular expressions. 

(Although the infinite loop is actually indicative of other problems with C4/Patroncards/Patroncard.pm...) 


There might be a linked issue in the label creator. 
A colleague of mine triggered an infinite loop when creating label by setting "Lower left X coordinate" to 100. 
We hope to soon retry to reproduce and create a bugzilla about this. 

Cheers, 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.koha-community.org/pipermail/koha-devel/attachments/20190308/154c4bb1/attachment.html>

More information about the Koha-devel mailing list