[TYPO3-core] RFC #12341: Bug: Image Generation broken with PHP safe_mode = On / Graphicsmagick

Til Obes til at obes.name
Mon Dec 21 19:33:14 CET 2009


Hello List,

this is an SVN patch request.

Type: Bugfix

Bugtracker references:
http://bugs.typo3.org/view.php?id=12341

Branches:
 >= 4.2.10


Problem:
When safe_mode = On this results in escapeshellcmd() being called twice 
on the arguments. As the shell only unescapes the command once this 
results in invalid parameters being passed, which causes at least 
GraphicsMagick to hang infinitly.

Solution:
Apply patch 0012341_v3.patch
http://bugs.typo3.org/file_download.php?file_id=8872&type=bug

Notes:
I am not the submitter, but a person who needs this fix.
This failure needs to a Denial of Service, due to gm going to 100%
cpu load for each process.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0012341_v3.patch
URL: <http://lists.typo3.org/pipermail/typo3-team-core/attachments/20091221/f7420472/attachment.asc>


More information about the TYPO3-team-core mailing list