Bug #441 for CGI-Debug: CGI::Debug reinitializes $CGI::POST

Tue Apr 02 17:09:37 2002 Guest - Ticket created

Subject:

CGI::Debug reinitializes $CGI::POST_MAX ?

CGI::Debug version 1.0 CGI.pm version 2.752 Perl 5.6.1 (Linux, Debian Woody) I am having difficulty reproducing this problem from the command line, but it seems that under certain circumstances CGI::Debug will cause $CGI::POST_MAX to be re-initialized. The top of the program where I see this problem looks similar to the following: #!/usr/bin/perl use CGI::Debug; use CGI; BEGIN { $CGI::POST_MAX = 1024; $CGI::DISABLE_UPLOADS = 0; } my $q = CGI->new; if ($q->cgi_error) { ...handle the error... } ... I found that CGI.pm was not throwing an error, even though the uploaded file exceeded the POST_MAX limit by a significant margin. Checking $CGI::POST_MAX showed that it was zero (or undef, sorry, I can't recall). Commenting out the use statement that requires CGI::Debug causes the code to behave as expected when a file exceeding $CGI::POST_MAX is uploaded. I could be totally mistaken about this problem, it may be my fault, but I thought that since changes to $CGI::POST_MAX could be a security problem it would be worth mentioning. As soon as I can isolate the minimal test case that reproduces the problem I will post it.

Wed Jul 31 20:29:25 2002 jonas [...] paranormal.se - Taken

Wed Jul 31 20:30:38 2002 jonas [...] paranormal.se - Status changed from 'new' to 'open'

Wed Jul 31 20:32:55 2002 jonas [...] paranormal.se - Correspondence added

I'm sorry about the delay. I must have missed the email and didn't get any reminder about a new bug. Show quoted text

> #!/usr/bin/perl > > use CGI::Debug; > use CGI; > BEGIN { $CGI::POST_MAX = 1024; $CGI::DISABLE_UPLOADS = 0; } > my $q = CGI->new;

The setting is not lost. But the error is. I will try to find a way to not get in the way of the CGI module.

Bug #441 for CGI-Debug: CGI::Debug reinitializes $CGI::POST_MAX ?