Re^4: Problem with CGI::Vars

I think, I found a BUG in CGI module.... In CGI soucrce code is this function which read only 10000 bytes from 13100 which my browser sends:

'read_from_client' => <<'END_OF_FUNC',                                
+                                                        
# Read data from a file handle                                        
+                                                        
sub read_from_client {                                                
+                                                        
my($self, $buff, $len, $offset) = @_;                                 
+                        
local $^W=0;                # prevent a warning      

return $MOD_PERL ? $self->r->read($$buff, $len, $offset) : read(\*STDI
+N, $$buff, $len, $offset);                                           
+                                   
}                                                                     
+                                                        
END_OF_FUNC
[download]

This looks ok, but the function calling looks like, it program some kid:

if ($meth eq 'POST') {                                                
+                                                  
      $self->read_from_client(\$query_string,$content_length,0)       
+                                                    
            if $content_length > 0;                                   
+                                                      
      # Some people want to have their cake and eat it too!           
+                                                    
      # Uncomment this line to have the contents of the query string  
+                                                    
      # APPENDED to the POST data.                                    
+                                                    
      #$query_string .= (length($query_string) ? '&' : '') . $ENV{'QUE
+RY_STRING'} if defined $ENV{'QUERY_STRING'};        
                                                                      
+                                                
    last METHOD;                                                      
+                                                  
}
[download]

This only read ONCE! from stdin and does NOT check how many bytes it read!! :-( So my read function on my kvm machine read only 10000 bytes from 13100 and thats all :-/

Comment on Re^4: Problem with CGI::Vars Select or Download Code

Replies are listed 'Best First'.
Re^5: Problem with CGI::Vars by Mr. Muskrat (Canon) on Jun 06, 2011 at 17:20 UTC
Please provide a minimal code sample that exhibits the behavior you are describing.	[reply]
Re^5: Problem with CGI::Vars by Anonymous Monk on Jun 06, 2011 at 22:27 UTC
I think, I found a BUG in CGI module.... Seeing how thus far, you haven't relayed any version information, it is extremely unlikely you found a bug. The code you copy/pasted doesn't match the current version of CGI module. This looks ok, but the function calling looks like, it program some kid: You can always write your own	[reply]
Re^6: Problem with CGI::Vars by Chipper (Initiate) on Jun 07, 2011 at 12:49 UTC
Yes I can, but we use this library... The code in new version of this function is the same! Tell me why they read from STDIN by read function and they didn't check how many bytes function read? This is the basics... The problem is in file: CGI.pm in this function: `if ($meth eq 'POST') { $self->read_from_client(\$query_string,$content_length,0) if $content_length > 0; # Some people want to have their cake and eat it too! # Uncomment this line to have the contents of the query string # APPENDED to the POST data. #$query_string .= (length($query_string) ? '&' : '') . $ENV{'QUERY_S +TRING'} if defined $ENV{'QUERY_STRING'}; last METHOD; }` [download] As I checked by debug prints, function read only 10000 bytes, and 3100 bytes keeps unreaded. This function have to be in while cycle....	[reply] [d/l]
Re^7: Problem with CGI::Vars by Corion (Patriarch) on Jun 07, 2011 at 13:03 UTC
At least CGI v3.35 has this code, which is different from the code you show: if ($meth eq 'POST' \|\| $meth eq 'PUT') { if ( $content_length > 0 ) { $self->read_from_client(\$query_string,$content_length,0); } elsif (not defined $ENV{CONTENT_LENGTH}) { $self->read_from_stdin(\$query_string); # should this be PUTDATA in case of PUT ? my($param) = $meth . 'DATA' ; $self->add_parameter($param) ; push (@{$self->{param}{$param}},$query_string); undef $query_string ; } # Some people want to have their cake and eat it too! # Uncomment this line to have the contents of the query string # APPENDED to the POST data. # $query_string .= (length($query_string) ? '&' : '') . $ENV{'QU +ERY_STRING'} if defined $ENV{'QUERY_STRING'}; last METHOD; } [download] If you're using an old version of `CGI.pm` it makes little sense to complain about bugs in the old version when a newer version which is different is available.	[reply] [d/l] [select]
Re^8: Problem with CGI::Vars by Chipper (Initiate) on Jun 07, 2011 at 20:25 UTC
Re^9: Problem with CGI::Vars by Corion (Patriarch) on Jun 07, 2011 at 21:13 UTC
Some notes below your chosen depth have not been shown here
Re^7: Problem with CGI::Vars by Anonymous Monk on Jun 07, 2011 at 13:08 UTC
Yes I can, but we use this library... The code in new version of this function is the same! Tell me why they read from STDIN by read function and they didn't check how many bytes function read? This is the basics... The problem is in file: CGI.pm in this function: Um, no. Let me repeat that: no. There is no point in quoting bits and pieces of some old version of CGI.pm. On the other hand, there is no point in quoting bits and pieces of CGI.pm at all. ~~You think you found a bug? Great, submit a proper bug report to the CGI maintainer.~~ What version of CGI.pm do you have installed?	[reply]
Re^8: Problem with CGI::Vars by Chipper (Initiate) on Jun 07, 2011 at 20:28 UTC
Re^9: Problem with CGI::Vars by Anonymous Monk on Jun 07, 2011 at 21:58 UTC
Re^8: Problem with CGI::Vars by Chipper (Initiate) on Jun 07, 2011 at 20:26 UTC
Re^9: Problem with CGI::Vars by Anonymous Monk on Jun 07, 2011 at 21:59 UTC
Re^5: Problem with CGI::Vars by ikegami (Patriarch) on Jun 07, 2011 at 21:58 UTC
Is `$MOD_PERL` true or false? `read(\*STDIN, $$buff, 13100, $offset);` (as opposed to `sysread`) should return 13100 chars unless EOF or an error is encountered, but I don't know about the mod_perl method. Even if `read` did act like `sysread`, there's no way it would return 10000 bytes given that 10000 is not even related to a power of two. All signs point to some user-configured (or maybe even hardcoded) limit somewhere not related to `read`.	[reply] [d/l] [select]