I had a mysterious page on my wiki which was not
openable. Checked the apache logs, and sure enough,
the apache process was segfaulting while trying to
fetch the page. Using the tiki-history.php page, I
went in and looked at what the source for the page was
(attached as page-source.txt). You'll notice the user
accidentally tried to close the ~pp~ tag with another
~pp~ tag in 2 places, instead of using ~/pp~. Editting
the page and inserting the missing '/' characters
stopped the segfaults.
I've filed this as a security bug because at the very
least it opens a site up to DoS attacks, and could be a
lot worse, depending on what the underlying cause of
the segfault is.
Log in to post a comment.