Artifact [55cc12f2ad]
Not logged in
HomeTimelineBranchesTagsTicketsWikiLogin
Download Hex Parsed

Artifact 55cc12f2ad9285152ffe56d2b96e0f6c2c8ed285:

Ticket change [55cc12f2ad] - New ticket [82067d9922] Partial logo when using CGI. by anonymous 2011-03-17 18:44:36. 
D 2011-03-17T18:44:36.810
J comment I\sonly\sget\sa\spartial\slogo\swhen\susing\sthe\sCGI\sinterface\s(just\sthe\stip\sof\sthe\snose).\sIt\sworks\susing\sthe\sFossil\sui\sor\sserver\sso\sI\sknow\sthe\srepository\sis\snot\scorrupted.\sTo\ssimplify\stroubleshooting,\sI\srequested\sjust\sthe\slogo.\r\n\r\nUsing\sa\snew,\sempty\srepository,\sI\scaptured\sthe\sHTTP\srequest/response\spackets:\r\n\r\n<b>GOOD\sLOGO</b>\s(using\sfossil\sserver)<br/>\r\nhttp://myserver:8080/logo\r\n\r\n<b>REQUEST</b>:\r\n<pre>\r\nGET\s/logo\sHTTP/1.1\r\nHost:\smyserver:8080\r\nConnection:\skeep-alive\r\nCache-Control:\smax-age=0\r\nAccept:\sapplication/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\nUser-Agent:\sMozilla/5.0\s(Windows;\sU;\sWindows\sNT\s5.1;\sen-US)\sAppleWebKit/534.10\s(KHTML,\slike\sGecko)\sChrome/8.0.552.224\sSafari/534.10\r\nAccept-Encoding:\sgzip,deflate,sdch\r\nAccept-Language:\sen-US,en;q=0.8\r\nAccept-Charset:\sISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n</pre>\r\n\r\n<b>RESPONSE</b>:\r\n<pre>\r\nHTTP/1.0\s200\sOK\r\nDate:\sThu,\s17\sMar\s2011\s17:50:20\sGMT\r\nConnection:\sclose\r\nExpires:\sThu,\s24\sMar\s2011\s17:50:20\sGMT\r\nContent-Type:\simage/gif;\scharset=utf-8\r\nContent-Length:\s866\r\n</pre>\r\n<pre>\r\nVersion:\sGIF87a\r\nScreen\swidth:\s62\r\nScreen\sheight:\s71\r\nGlobal\ssettings:\s(Global\scolor\stable\spresent)\s(7\sbits\sper\scolor)\s(5\sbits\sper\spixel)\r\nBackground\scolor\sindex:\s0\r\nGlobal\scolor\smap:\s5581955F889B638B9D6A90A27196A67498A87FA0AF8AA8B6...\r\nImage\sleft\sposition:\s0\r\nImage\stop\sposition:\s0\r\nImage\swidth:\s62\r\nImage\sheight:\s71\r\nLocal\ssettings:\s(1\sbit\sper\scolor)\s(1\sbit\sper\spixel)\r\nLZW\sminimum\scode\ssize:\s5\r\nData\sblock\s(length\s=\s255)\r\n\s0000\s\s\sff\s60\s64\s8d\s64\s69\s9e\sa8\s25\s29\s84\sc0\sa4\s70\s2c\scf\r\n\s0010\s\s\s66\s63\s00\s38\s10\s54\s74\sef\sc7\s8d\s41\s6e\se8\sf8\s19\s8d\r\n\s0020\s\s\sc1\sa1\s52\s71\s6c\sca\s20\s37\se5\sd2\s49\s3d\s29\sa4\s58\s66\r\n\s0030\s\s\sb5\s0a\s29\s60\sb3\s5b\s6a\s23\sf0\s05\s87\s8f\s89\sf2\s57\s7b\r\n\s0040\s\s\sf6\s21\sbe\s51\s6c\sa3\sed\sc6\s0e\s1e\s71\se9\s83\s4e\s73\s48\r\n\s0050\s\s\s0b\s73\s57\s65\s13\s7c\s33\s42\s4a\s08\s13\s10\s43\s64\s4a\s85\r\n\s0060\s\s\s32\s0f\s65\s87\s38\s0b\s4a\s06\s8f\s31\s7e\s6a\s38\s08\s91\s43\r\n\s0070\s\s\s09\s98\s30\s8b\s9b\s05\s16\s0d\s4a\s73\sa1\s29\s93\s65\s0d\s82\r\n\s0080\s\s\s39\s84\saa\s28\sa7\s9b\s00\s5e\s39\s03\sb2\s30\sb7\sb5\s39\sa0\r\n\s0090\s\s\sba\s28\s13\s8d\sbd\s00\s45\sc0\s28\s10\sc3\s9b\sb9\sc7\s29\sc9\r\n\s00a0\s\s\sbd\sbf\scd\sc1\sbc\s83\sd2\s31\saf\s58\sd1\sd6\s26\s13\s03\s0b\r\n\s00b0\s\s\s13\s6f\s7f\s3c\sdb\s27\s37\scc\s13\s0b\s06\s64\s05\s0a\se3\se4\r\n\s00c0\s\s\s25\sa3\s00\sef\s75\s38\see\sf3\s31\sc3\sb1\sf7\s30\s9e\s38\sfb\r\n\s00d0\s\s\s32\sd8\sfe\sc5\s38\s80\s6b\s9e\s02\s7d\sab\s72\s5c\sda\sf6\s60\r\n\s00e0\s\s\s42\s03\s04\s32\s86\sb0\s91\s06\s61\s40\s90\s18\s13\s88\s6c\s5b\r\n\s00f0\s\s\sb1\sa0\s00\sc2\s13\sfd\s00\sd8\s6b\sd6\se0\sc0\s81\s05\s10\s53\r\nData\sblock\s(length\s=\s255)\r\nData\sblock\s(length\s=\s231)\r\nData\sblock\s(length\s=\s0)\r\nTrailer\s(End\sof\sthe\sGIF\sstream)\r\n</pre>\r\n\r\n<b>BAD\sLOGO</b>\s(using\sCGI):<br/>\r\nhttp://myserver/cgi-bin/Fossil.pl?repository=/Projects/Test/Test.fossil\r\n\r\n<p>\r\nFossil.pl\sis\sa\sPerl\sscript\sthat\stakes\sthe\squery\sstring\sand\screates\sa\scookie\sthat\sused\sfor\ssubsequent\srequests,\screates\sthe\sa\sFossil.cgi\sfile:\r\n</p>\r\n<pre>\r\n\s\s\s#!Fossil\r\n\s\s\srepository:\s\\Projects\\Test\\Test.fossil\r\n</pre>\r\n<p>\r\nNext,\sit\sinvokes\sFossil,\scaptures\sthe\soutput,\slogs\sit\sthen\ssends\sit\sto\sstdout\sfor\sthe\sweb\sbrowser.\r\n\r\nhttp://myserver/cgi-bin/Fossil.pl/logo\s\s(uses\scookie\screated\sabove)\r\n</p>\r\n\r\n<b>REQUEST</b>:\r\n<pre>\r\nGET\s/cgi-bin/Fossil.pl/logo\sHTTP/1.1\r\nHost:\svserver1\r\nConnection:\skeep-alive\r\nCache-Control:\smax-age=0\r\nAccept:\sapplication/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\nUser-Agent:\sMozilla/5.0\s(Windows;\sU;\sWindows\sNT\s5.1;\sen-US)\sAppleWebKit/534.10\s(KHTML,\slike\sGecko)\sChrome/8.0.552.224\sSafari/534.10\r\nAccept-Encoding:\sgzip,deflate,sdch\r\nAccept-Language:\sen-US,en;q=0.8\r\nAccept-Charset:\sISO-8859-1,utf-8;q=0.7,*;q=0.3\r\nCookie:\srepository=\\Projects\\Test\\Test.fossil\r\n</pre><pre>\r\nRESPONSE:\r\nHTTP/1.1\s200\sOK\r\nContent-Length:\s866\r\nContent-Type:\simage/gif;\scharset=utf-8\r\nExpires:\sThu,\s24\sMar\s2011\s17:54:13\sGMT\r\nServer:\sMicrosoft-IIS/6.0\r\nDate:\sThu,\s17\sMar\s2011\s17:54:13\sGMT\r\n</pre>\r\n<pre>\r\nVersion:\sGIF87a\r\nScreen\swidth:\s62\r\nScreen\sheight:\s71\r\nGlobal\ssettings:\s(Global\scolor\stable\spresent)\s(7\sbits\sper\scolor)\s(5\sbits\sper\spixel)\r\nLZW\sminimum\scode\ssize:\s5\r\nData\sblock\s(length\s=\s255)\r\n\s0000\s\s\sff\s60\s64\s8d\s64\s69\s9e\sa8\s25\s29\s84\sc0\sa4\s70\s2c\scf\r\n\s0010\s\s\s66\s63\s00\s38\s10\s54\s74\sef\sc7\s8d\s41\s6e\se8\sf8\s19\s8d\r\n\s0020\s\s\sc1\sa1\s52\s71\s6c\sca\s20\s37\se5\sd2\s49\s3d\s29\sa4\s58\s66\r\n\s0030\s\s\sb5\s<b>0d</b>\s0a\s29\s60\sb3\s5b\s6a\s23\sf0\s05\s87\s8f\s89\sf2\s57\r\n\s0040\s\s\s7b\sf6\s21\sbe\s51\s6c\sa3\sed\sc6\s0e\s1e\s71\se9\s83\s4e\s73\r\n\s0050\s\s\s48\s0b\s73\s57\s65\s13\s7c\s33\s42\s4a\s08\s13\s10\s43\s64\s4a\r\n\s0060\s\s\s85\s32\s0f\s65\s87\s38\s0b\s4a\s06\s8f\s31\s7e\s6a\s38\s08\s91\r\n\s0070\s\s\s43\s09\s98\s30\s8b\s9b\s05\s16\s0d\s4a\s73\sa1\s29\s93\s65\s0d\r\n\s0080\s\s\s82\s39\s84\saa\s28\sa7\s9b\s00\s5e\s39\s03\sb2\s30\sb7\sb5\s39\r\n\s0090\s\s\sa0\sba\s28\s13\s8d\sbd\s00\s45\sc0\s28\s10\sc3\s9b\sb9\sc7\s29\r\n\s00a0\s\s\sc9\sbd\sbf\scd\sc1\sbc\s83\sd2\s31\saf\s58\sd1\sd6\s26\s13\s03\r\n\s00b0\s\s\s0b\s13\s6f\s7f\s3c\sdb\s27\s37\scc\s13\s0b\s06\s64\s05\s<b>0d</b>\s0a\r\n\s00c0\s\s\se3\se4\s25\sa3\s00\sef\s75\s38\see\sf3\s31\sc3\sb1\sf7\s30\s9e\r\n\s00d0\s\s\s38\sfb\s32\sd8\sfe\sc5\s38\s80\s6b\s9e\s02\s7d\sab\s72\s5c\sda\r\n\s00e0\s\s\sf6\s60\s42\s03\s04\s32\s86\sb0\s91\s06\s61\s40\s90\s18\s13\s88\r\n\s00f0\s\s\s6c\s5b\sb1\sa0\s00\sc2\s13\sfd\s00\sd8\s6b\sd6\se0\sc0\s81\s05\r\nData\sblock\s(length\s=\s16)\r\nData\sblock\s(length\s=\s182)\r\nData\sblock\s(length\s=\s65)\r\nData\sblock\s(length\s=\s201)\r\nData\sblock\s(length\s=\s10)\r\nData\sblock\s(length\s=\s213\r\n[Malformed\sPacket:\sGIF\simage])\r\n</pre>\r\n<p>\r\nThe\s<b>bold</b>\sdata\sbytes\sexist\sin\sthe\sbad\simage\sdata\sbut\snot\sin\sthe\sgood\simage\sdata.\s\r\n\r\nI\sonly\schecked\sthe\sfirst\sdata\sblock\sbut\smy\sguess\sis\sthat\sall\sthe\s\\n\swere\sconverted\sinto\s\\r\\n\sin\sthe\simage\sdata.\r\n</p>
J foundin 1d93222627
J private_contact 620b50abb40c8bd86673a803ccbd0f35162f9714
J severity Cosmetic
J status Open
J title Partial\slogo\swhen\susing\sCGI
J type Code_Defect
K 82067d99225350060802d33f450b1c7539af58b9
U anonymous
Z cb38e1c1cc9c0caba1220bf77182dd25
Fossil version [4df919803b] 2020-05-25 23:23:49