Defect #36958 (closed): Crafted input breaks CommonMark Markdown formatter
% Done: 0%
Resolution: Fixed
Description
If you create an issue or a Wiki page that contains specific data, the CommonMark Markdown formatter raises an exception when rendering the object. Malicious users can use this bug for DoS attacks.
Steps to reproduce:
1. Set the text formatting to "CommonMark Markdown"
2. Create an issue that contains a string http://example.com/foo#bar#
3. Access the newly created issue. You will see "Internal Error"
ActionView::Template::Error (bad URI(is not URI?): "http://example.com/foo#bar#"):
88:
89: <p><strong><%=l(:field_description)%></strong></p>
90: <div class="wiki">
91: <%= textilizable @issue, :description, :attachments => @issue.attachments %>
92: </div>
93: </div>
94: <% end %>
lib/redmine/wiki_formatting/common_mark/external_links_filter.rb:34:in `block in call'
lib/redmine/wiki_formatting/common_mark/external_links_filter.rb:29:in `call'
lib/redmine/wiki_formatting/common_mark/formatter.rb:66:in `to_html'
lib/redmine/wiki_formatting.rb:96:in `to_html'
app/helpers/application_helper.rb:868:in `textilizable'
app/views/issues/show.html.erb:91
app/controllers/issues_controller.rb:118:in `block (2 levels) in show'
app/controllers/issues_controller.rb:110:in `show'
lib/redmine/sudo_mode.rb:61:in `sudo_mode'
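The failure in the stack trace above, as an added example that is not part of this issue or of Redmine's own code: a minimal link filter in the style of external_links_filter.rb shows why the crafted href aborts rendering of the whole page, next to a hardened variant that rescues URI::InvalidURIError and leaves the unparsable link untouched. The filter functions, the HREF_RE regex, the constructed SAMPLE_HTML and the rescue-and-skip approach are assumptions for illustration, not Redmine's actual patch.

```ruby
require 'uri'

# Constructed sample (not taken from the report): the crafted href from the
# reproduction steps next to a normal external link and a relative link.
SAMPLE_HTML = '<p><a href="http://example.com/foo#bar#">x</a> ' \
              '<a href="https://example.org/page">y</a> ' \
              '<a href="/issues/1">z</a></p>'

# Hypothetical matcher for href attributes; a real filter would walk the DOM.
HREF_RE = /<a\s+href="([^"]*)"/

# Naive filter that reproduces the failure mode: URI.parse rejects the
# crafted href ("#bar#" is not a valid fragment) with URI::InvalidURIError,
# the exception escapes to the caller, and the whole page fails to render.
def mark_external_links_naive(html)
  html.gsub(HREF_RE) do |tag|
    href = Regexp.last_match(1)
    uri = URI.parse(href)
    (uri.scheme && uri.host) ? %(<a class="external" href="#{href}") : tag
  end
end

# Hardened filter (assumed approach, not Redmine's own fix): an href that
# URI.parse cannot handle is left exactly as written, so one malformed link
# no longer takes down the rendering of an entire issue or wiki page.
def mark_external_links_safe(html)
  html.gsub(HREF_RE) do |tag|
    href = Regexp.last_match(1)
    begin
      uri = URI.parse(href)
    rescue URI::InvalidURIError
      next tag
    end
    (uri.scheme && uri.host) ? %(<a class="external" href="#{href}") : tag
  end
end

# True when rendering +html+ with the naive filter would abort with the same
# exception class that appears in the report's stack trace.
def render_raises?(html)
  mark_external_links_naive(html)
  false
rescue URI::InvalidURIError
  true
end

if __FILE__ == $PROGRAM_NAME
  puts "naive filter raises on crafted input: #{render_raises?(SAMPLE_HTML)}"
  puts mark_external_links_safe(SAMPLE_HTML)
end
```

The defensive point is in the rescue clause: a rendering filter that runs over user-supplied content must treat every per-element parse as fallible and degrade for that element only, rather than letting one exception turn into an error page for every viewer of the object.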