Context Navigation

Modify ↓

#12404 closed defect (duplicate)

TypeError: must be string without null bytes, not str

Reported by:	Ryan J Ollos	Owned by:
Priority:	normal	Milestone:
Component:	version control	Version:
Severity:	normal	Keywords:	svn
Cc:		Branch:
Release Notes:
API Changes:
Internal Changes:

Description

From the logs:

[pid 17754 139730844530432] 2016-03-14 23:16:44,080 Trac[main] ERROR: Internal Server Error: <RequestWithSession "GET '/changeset?new_path=tags/trac-0.11.2.1<%00ScRiPt%20%0d%0a>prompt(980706)</ScRiPt>&old_path=tags/trac-0.11.2'">, referrer 'http://trac.edgewall.org/'
Traceback (most recent call last):
  File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/web/main.py", line 607, in _dispatch_request
    dispatcher.dispatch(req)
  File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/web/main.py", line 256, in dispatch
    resp = chosen_handler.process_request(req)
  File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/versioncontrol/web_ui/changeset.py", line 351, in process_request
    self._render_html(req, repos, chgset, restricted, data)
  File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/versioncontrol/web_ui/changeset.py", line 578, in _render_html
    diff_changes = list(get_changes())
  File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/versioncontrol/web_ui/changeset.py", line 476, in get_changes
    old_path=data['old_path'], old_rev=data['old_rev']):
  File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/tracopt/versioncontrol/svn/svn_fs.py", line 693, in get_changes
    if self.has_node(new_path, new_rev):
  File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/tracopt/versioncontrol/svn/svn_fs.py", line 413, in has_node
    node_type = fs.check_path(rev_root, _to_svn(pool(), self.scope, path),
  File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/tracopt/versioncontrol/svn/svn_fs.py", line 96, in _to_svn
    pool)
  File "/usr/lib/python2.7/dist-packages/libsvn/core.py", line 4781, in svn_path_canonicalize
    return _core.svn_path_canonicalize(*args)
TypeError: must be string without null bytes, not str

Attachments (0)

Change History (2)

comment:1 by Jun Omae, 10 years ago

Null byte attack, the same issue as #12403. See also, proposed patch in comment:2:ticket:12403.

comment:2 by Ryan J Ollos, 10 years ago

Milestone:	next-stable-1.0.x
Resolution:	→ duplicate
Status:	new → closed

Thanks. Tons of stuff in the logs the past two days. I guess someone is trying to attack us.

Modify Ticket

Change Properties

Summary:
Description:	From the logs: {{{ [pid 17754 139730844530432] 2016-03-14 23:16:44,080 Trac[main] ERROR: Internal Server Error: <RequestWithSession "GET '/changeset?new_path=tags/trac-0.11.2.1<%00ScRiPt%20%0d%0a>prompt(980706)</ScRiPt>&old_path=tags/trac-0.11.2'">, referrer 'http://trac.edgewall.org/' Traceback (most recent call last): File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/web/main.py", line 607, in _dispatch_request dispatcher.dispatch(req) File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/web/main.py", line 256, in dispatch resp = chosen_handler.process_request(req) File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/versioncontrol/web_ui/changeset.py", line 351, in process_request self._render_html(req, repos, chgset, restricted, data) File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/versioncontrol/web_ui/changeset.py", line 578, in _render_html diff_changes = list(get_changes()) File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/trac/versioncontrol/web_ui/changeset.py", line 476, in get_changes old_path=data['old_path'], old_rev=data['old_rev']): File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/tracopt/versioncontrol/svn/svn_fs.py", line 693, in get_changes if self.has_node(new_path, new_rev): File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/tracopt/versioncontrol/svn/svn_fs.py", line 413, in has_node node_type = fs.check_path(rev_root, _to_svn(pool(), self.scope, path), File "/usr/local/virtualenv/1.1dev/lib/python2.7/site-packages/tracopt/versioncontrol/svn/svn_fs.py", line 96, in _to_svn pool) File "/usr/lib/python2.7/dist-packages/libsvn/core.py", line 4781, in svn_path_canonicalize return _core.svn_path_canonicalize(*args) TypeError: must be string without null bytes, not str }}} You may use WikiFormatting here.
Type:		Priority:
Milestone:		Component:
Version:		Severity:
Keywords:		Cc:	Set your email in Preferences
Branch:
Release Notes:
API Changes:
Internal Changes:

Action

leave as closed The ticket will remain with no owner.

reopen The resolution will be deleted. Next status will be 'reopened'.

change ownership to The owner will be changed from (none) to the specified user.

Add Comment

Your email or username:

E-mail address and name can be saved in the Preferences .

You may use WikiFormatting here.

Attachments ↑ Description ↑

Note: See TracTickets for help on using tickets.

Download in other formats: