Project

General

Profile

Actions

Bug #21087

closed

If safe_mode is enabled, thumb generation fails for file with "&" in filename

Added by anselm about 15 years ago. Updated over 11 years ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
Backend User Interface
Target version:
-
Start date:
2009-09-18
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.1
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

When trying to view a thumb for a file with an ampersand in the filename, it shows the default "no thumb generated" image.

I appended a screenshot that shows this error in the DAM-Edit window.

I guess in t3lib/thumbs.php, wrapFileName() should escape the filename with escapeshellarg instead of just wrapping it with quotes.

[added by Olly]
Seems like this occurs in all TYPO3 versions
http://forge.typo3.org/repositories/revision/typo3v4-core/6258
http://forge.typo3.org/repositories/revision/typo3v4-core/6259
http://forge.typo3.org/repositories/revision/typo3v4-core/6260
(issue imported from #M11993)


Files

nothumb.JPG (24 KB) nothumb.JPG Administrator Admin, 2009-09-18 11:44
thumbs.php.patch (530 Bytes) thumbs.php.patch Administrator Admin, 2009-09-23 15:05

Related issues 4 (0 open4 closed)

Related to TYPO3 Core - Bug #21165: Filenames should be escaped with escapeshellarg before passing them to imagemagickClosedErnesto Baschny2009-09-30

Actions
Related to TYPO3 Core - Bug #21609: Problem with german "Umlaute" in BE file list, no thumbs generatedClosedJigal van Hemert2009-11-18

Actions
Has duplicate TYPO3 Core - Bug #21357: Thumbnail generation brokenClosedOliver Hader2009-10-25

Actions
Has duplicate TYPO3 Core - Bug #21360: Image Generation broken with PHP safe_mode = On / GraphicsmagickClosedBenni Mack2009-10-26

Actions
Actions #1

Updated by anselm about 15 years ago

Seems like this was fixed in the latest security release (10/22/2009).

Actions #2

Updated by Denis Rathig about 15 years ago

We face the same problem since update to 4.1.13 and 4.2.10 when uploading images to fileadmin via backend.

Actions #3

Updated by Oliver Hader about 15 years ago

Hi Denis,
do you use DAM? If so, please try without it and report whether the problem still exists without DAM. Thanks!

Actions #4

Updated by Denis Rathig about 15 years ago

Hi Oliver,

no we do not use DAM, just the normal fileadmin-upload.
We think it is a problem with the function escapeshellarg in 4.1.13. There are single quotes in the filename-wrap now. We have the problems on several servers even when using filenames with normal letters.

Actions #5

Updated by Oliver Hader about 15 years ago

Hi Denis,
can you tell me the distribution you are running your servers with (e.g. Debian Version x.y.z)?

Actions #6

Updated by Denis Rathig about 15 years ago

Hi Oliver,

we have the problems on

debian 4.0

and

SUSE LINUX 10.0 (i586) OSS
VERSION = 10.0

Both systems are fully updated with the current php-versions

Actions #7

Updated by Alexander Schwethelm about 15 years ago

We have that same problem since upgrading to version 4.2.10 of TYPO3.

The problem only exists if PHP safe mode is enabled. The problem is therefore best described by Morton Jonuschat in his problem report (ID 0012341).

Actions #8

Updated by Oliver Hader about 15 years ago

Another issue has been reported to be via e-mail concerning the image tests in the Install Tool:

The execution of the following command fails there:

/var/www/empty/gm convert -geometry 170x136! -colorspace RGB -quality 70
  /var/www/virtual/xyz.de/htdocs/typo3/sysext/install/imgs/jesus.jpg\[0\]
  /var/www/virtual/xyz.de/htdocs/typo3temp/pics/install_read_jpg.jpg

However, I could not reproduce this withouth safe_mode enabled.

Actions #10

Updated by Chris topher over 13 years ago

  • Subject changed from Thumb generation fails for file with "&" in filename to If safe_mode is enabled, thumb generation fails for file with "&" in filename
  • Target version deleted (0)
Actions #11

Updated by Andreas Wolf over 13 years ago

  • Category set to Backend User Interface
  • Status changed from New to Needs Feedback

Is this problem still valid? Going to close this if there's no feedback within one week.

Actions #12

Updated by Alexander Opitz over 11 years ago

  • Status changed from Needs Feedback to Closed

No response after 1 year => closed.

Actions

Also available in: Atom PDF