Bug #17184 for CGI: Needs Test, Patch: file upload: param('upfile') returns file content instead of file name where there are quotes in the file name.

> Hi, > > I found the following: > > If I try to upload a file that has a SEMICOLON [;] in its name, > > - the upload fails > - the complete file content is returned via the param('upfile')

> (and tends to end up in a scalar that should usually hold the > filename and serve as a filehandle) > > I'm using CGI.pm version 3.05 with Perl v5.8.6 and Apache 1.33

> under Mac OS X 10.4 on the server. Server and client are the same > machine. The problem does not occur with CGI.pm version 2.81 on a

> server and slightly different Apache version (I don't know the exact > versions) I also found the bug on the web! (See below) > > It does not seem to be a browser or client os issue. Mozilla 1.7, IE

> Mac, and Safari all show the same effect. Same effect from a Windows > client with mozilla. > > Here's the code - derived from

> Try to upload a small text file that has a semicolon in its name! > > ################# > #!/usr/bin/perl -wT > use CGI qw(:standard); > use CGI::Carp qw(fatalsToBrowser warningsToBrowser); > use strict; > > print header; > print start_html("Upload File"); > print "Using CGI.pm version: ", $CGI::VERSION; > print h2("Upload Results"); > > my $file = param('upfile'); > unless ( $file ) { > # Build a simple file upload form > print "Nothing yet uploaded?<p>\n"; > print start_multipart_form; > print 'Hint: Try a ', strong('small'), ' file that as a semicolon > [;] in its name', br; > print filefield('upfile', '', 45), br; > print reset, submit('submit','Start Upload'); > print endform; > > } else { > # Print infos > # This might print the complete file content, without any html > encoding, to the browser!! > print "Filename: $file<br>\n"; > > # CGI.pm saves a temporary file for us - check its name > my $tmpfile=tmpFileName($file); > print "TempFile : $tmpfile<br>\n"; > > # Using the "filehandle" that CGI.pm gave us: try to find

> my $fsize = (-s $file) || 0; > print "File Size: $fsize Bytes<br>\n"; > > # print the uploadInfo associative array > my $finfo_ref; > if (defined ($finfo_ref = uploadInfo($file))) { > my $key; > foreach $key (keys %$finfo_ref) { > print $key, ' : ', %{$finfo_ref}->{$key}, br, "\n"; > } > } > > print "File saved!<p>\n"; > } > > print end_html; > ################# > > > Other places to look at: > > - The bug does NOT show up here: > > http://www.apache-asp.org/eg/file_upload.asp > > > - but it does here [2006/01/19]: > > http://www.cgi101.com/book/ch14/upload.html > > Good luck - and thanks anyway!! > > Frank > > >

> Hi, > > I found the following: > > If I try to upload a file that has a SEMICOLON [;] in its name, > > - the upload fails > - the complete file content is returned via the param('upfile') call!! > (and tends to end up in a scalar that should usually hold the > filename and serve as a filehandle) > > I'm using CGI.pm version 3.05 with Perl v5.8.6 and Apache 1.33 (Darwin) > under Mac OS X 10.4 on the server. Server and client are the same > machine. The problem does not occur with CGI.pm version 2.81 on a Linux > server and slightly different Apache version (I don't know the exact > versions) I also found the bug on the web! (See below) > > It does not seem to be a browser or client os issue. Mozilla 1.7, IE for > Mac, and Safari all show the same effect. Same effect from a Windows > client with mozilla. > > Here's the code - derived from http://www.cgi101.com/book/ch14/upload.html > Try to upload a small text file that has a semicolon in its name! > > ################# > #!/usr/bin/perl -wT > use CGI qw(:standard); > use CGI::Carp qw(fatalsToBrowser warningsToBrowser); > use strict; > > print header; > print start_html("Upload File"); > print "Using CGI.pm version: ", $CGI::VERSION; > print h2("Upload Results"); > > my $file = param('upfile'); > unless ( $file ) { > # Build a simple file upload form > print "Nothing yet uploaded?<p>\n"; > print start_multipart_form; > print 'Hint: Try a ', strong('small'), ' file that as a semicolon > [;] in its name', br; > print filefield('upfile', '', 45), br; > print reset, submit('submit','Start Upload'); > print endform; > > } else { > # Print infos > # This might print the complete file content, without any html > encoding, to the browser!! > print "Filename: $file<br>\n"; > > # CGI.pm saves a temporary file for us - check its name > my $tmpfile=tmpFileName($file); > print "TempFile : $tmpfile<br>\n"; > > # Using the "filehandle" that CGI.pm gave us: try to find filesize > my $fsize = (-s $file) || 0; > print "File Size: $fsize Bytes<br>\n"; > > # print the uploadInfo associative array > my $finfo_ref; > if (defined ($finfo_ref = uploadInfo($file))) { > my $key; > foreach $key (keys %$finfo_ref) { > print $key, ' : ', %{$finfo_ref}->{$key}, br, "\n"; > } > } > > print "File saved!<p>\n"; > } > > print end_html; > ################# > > > Other places to look at: > > - The bug does NOT show up here: > > http://www.apache-asp.org/eg/file_upload.asp > > > - but it does here [2006/01/19]: > > http://www.cgi101.com/book/ch14/upload.html > > Good luck - and thanks anyway!!

> > I'll be submitting a test for this shortly that goes in "t/upload.t". > > The test passes with CGI.pm 3.25. > > > > Unless another test can be provided which reproduces this bug, I believe > > this report can be marked as "resolved". > >

> In CGI.pm-3.35 the semicolon problem is fixed for Web use and broken > for command-line use. Semicolon characters used on the command line, > like this: > > $ ./cgipm filename="/abc;def"