etech2000
01-16-2005, 01:44 AM
I get the following message after hitting upload button:
Short Read: wanted 8292, got 0
Here is the cgi code:
require './cgi-lib.pl';
$cgi_lib'maxdata = 500000;
$cgi_lib'writefiles = './tmp';
$PRIO_PROCESS = 0;
$LOW_PRIORITY = 19;
# We may want to do smart things depending upon MIME-type.
#$mime{'GIF'} = 'image/gif';
#$mime{'JPEG'} = 'image/jpeg';
#$mime{'WBMP'} = 'image/x-MS-bmp';
#$mime{'XPM'} = 'image/x-xpixmap';
#$mime{'AOS'} = 'application/octet-stream';
#$extn{'GIF'} = 'gif';
#$extn{'JPEG'} = 'jpeg';
#$extn{'WBMP'} = 'bmp';
#$extn{'XPM'} = 'xpm';
#$extn{'AOS'} = 'exe';
setpriority($PRIO_PROCESS, 0, $LOW_PRIORITY);
umask 022;
# Make sure the transient debug files get an unique file name.
$tt = time;
$debugfile1 = "debug/$tt.env";
$debugfile2 = "debug/$tt.bin";
$debugfile3 = "debug/$tt.err";
$debugfile4 = "debug/UPLOAD.log";
open(LFILE, ">>$debugfile4");
if ($ENV{'REQUEST_METHOD'} ne "POST") {
print "Status: 405 Method Not Allowed\n" .
"Content-Type: text/html\nAllow: POST\n\n" .
"<html>\n<head><title>405 Method Not Allowed</title></head>\n" .
"<body>\n<h1>405 Method Not Allowed</h1>\n" .
"<p>Your web browser <tt>$ENV{'HTTP_USER_AGENT'}</tt>\n" .
"used request method <tt>$ENV{'REQUEST_METHOD'}</tt>.\n" .
"To upload a file, request method must be <tt>POST</tt>.</p>\n" .
"</body>\n</html>\n";
print LFILE "$tt: 405 method not allowed.\n";
exit 0;
}
#@ee = split / /, $ENV{'CONTENT_TYPE'};
#chop @ee[0];
if ($ENV{'CONTENT_TYPE'} !~ /multipart\/form-data/) {
print "Cache-Control: no-cache\nPragma: no-cache\n" .
"Content-Type: text/html\n\n" .
"<html>\n<head><title>Wrong enctype</title>\n</head>\n<body><h1>Wrong enctype</h1>\n" .
"<p>The request specified an encoding type that can't be used for uploading files.\n" .
"Always use <tt>multipart/form-data</tt> for file uploads.</p>\n</body>\n</html>";
print LFILE "$tt: wrong enctype.\n";
exit 0;
}
if ($ENV{'CONTENT_LENGTH'} > $cgi_lib'maxdata) {
print "Cache-Control: no-cache\nPragma: no-cache\n" .
"Content-Type: text/html\n\n" .
"<html>\n<head><title>Too large</title></head>\n<body>\n<h1>Too large upload</h1>\n" .
"<p>Upload is $ENV{'CONTENT_LENGTH'} byte. Max size is $cgi_lib'maxdata byte.</p></body></html>";
print LFILE "$tt: file too large.\n";
exit 0;
}
$rr = read(STDIN,$in,$ENV{'CONTENT_LENGTH'});
system("/usr/bin/printenv >$debugfile1");
system("echo $rr >>$debugfile1");
open(DEBUG, ">$debugfile2");
print DEBUG $in;
close(DEBUG);
# For debugging
#print "Cache-Control: no-cache\nPragma: no-cache\n" .
# "Content-Type: text/html\n\n" .
# "<html><head><title>Raw upload data</title></head>\n" .
# "<body><h1>Raw upload data</h1>\n<hr><p>$in</p><hr></body></html>\n";
#print LFILE "$tt: dump of raw upload.\n";
#exit 0;
undef $in;
if ($ENV{'CONTENT_LENGTH'} != $rr) {
print "Status: 400 Bad Request\n" .
"Content-Type: text/html\n\n" .
"<html>\n<head><title>Problem in proxy</title></head>\n" .
"<body>\n<h1>You may have a problem in proxy.</h1>" .
"<p>Content-Length: is $ENV{'CONTENT_LENGTH'}," .
"actual length of submitted data is $rr.</p>\n</body>\n</html>\n";
print LFILE "$tt: possible problem with proxy.\n";
exit 0;
}
open(STDIN, "<$debugfile2");
$ret_rp = &ReadParse(*cgi_data,*cgi_cfn,*cgi_ct,*cgi_sfn);
$tmpfile1 = $cgi_cfn{'upload_data'};
# Yes, I'm paranoid - I don't trust ReadParse to fix this (gh).
if ($tmpfile1 =~ /^([-\@\w.]+)$/) {
$tmpfile1 = "upload/$1";
} else {
print LFILE "$tt: tainted data sent by $ENV{'REMOTE_ADDR'}: \"$tmpfile1\"\n";
$tmpfile1 = "upload/t$tt.bin";
}
if (! -e $cgi_sfn{'upload_data'} || -z $cgi_sfn{'upload_data'}) {
unlink values %cgi_sfn;
print "Cache-Control: no-cache\nPragma: no-cache\n" .
"Content-Type: text/html\n\n" .
"<html>\n<head><title>bad upload</title></head>\n<body>\n<h1>Bad upload</h1>\n" .
"<p>File failed to upload properly.</p>\n</body>\n</html>\n";
print LFILE "$tt: bad upload: \"$tmpfile1\".\n";
exit 0;
}
# Debug (uncomment necxt 13 lines to activate)
# print "Cache-Control: no-cache\nPragma: no-cache\n" .
# "Content-Type: text/html\n\n" .
# "<html>\n<head><title>Data</title></head>\n<body>\n<h1>Data</h1>\n<p>" .
# "tmpfile1: is [$tmpfile1]<br>\n" .
# "ret_rp: is [$ret_rp]<br>\n" .
# "cgi_data[upload_data]: is [$cgi_data{'upload_data'}]<br>\n" .
# "cgi_data[max_file_size]: is [$cgi_data{'max_file_size'}]<br>\n" .
# "cgi_data[sign]: is [$cgi_data{'sign'}]<br>\n" .
# "cgi_cfn[upload_data]: is [$cgi_cfn{'upload_data'}]<br>\n" .
# "cgi_ct[upload_data]: is [$cgi_ct{'upload_data'}]<br>\n" .
# "cgi_sfn[upload_data]: is [$cgi_sfn{'upload_data'}]</p>\n</body>\n</html>\n";
# print LFILE "$tt: aborted by debug routine.\n";
# exit 0;
# NB: We don't check if we overwrite something.
system "/usr/bin/cp $cgi_sfn{'upload_data'} $tmpfile1 >$debugfile3 2>&1";
if (! -e $tmpfile1 || -z $tmpfile1) {
unlink "$tmpfile1", values %cgi_sfn;
open(FILE, "<$debugfile3");
print "Cache-Control: no-cache\nPragma: no-cache\n" .
"Content-Type: text/plain\n\n", <FILE>;
print LFILE "$tt: could not copy tmpfile.\n";
exit 0;
}
# Link to uploaded file to visualize.
print "Content-Type: text/html\n\n" .
"<html><head><title>Upload file using Perl</title></head>\n<body>\n" .
"<h1>Upload file using Perl</h1>\n<p><a href=\"" . $tmpfile1 .
"\">Click here</a> to view result of upload.</p>\n</body>\n</html>\n";
unlink values %cgi_sfn;
unlink $debugfile1, $debugfile2, $debugfile3;
print LFILE "$tt: success, \"$tmpfile1\".\n";
exit 0;
# EOF
Link Page is:
http://gardening101.org/upload/upload.php
The required secondary cgi file is the commonly used: cig-lib.pl
Any help is greatly appreciated.
Thank you
Short Read: wanted 8292, got 0
Here is the cgi code:
require './cgi-lib.pl';
$cgi_lib'maxdata = 500000;
$cgi_lib'writefiles = './tmp';
$PRIO_PROCESS = 0;
$LOW_PRIORITY = 19;
# We may want to do smart things depending upon MIME-type.
#$mime{'GIF'} = 'image/gif';
#$mime{'JPEG'} = 'image/jpeg';
#$mime{'WBMP'} = 'image/x-MS-bmp';
#$mime{'XPM'} = 'image/x-xpixmap';
#$mime{'AOS'} = 'application/octet-stream';
#$extn{'GIF'} = 'gif';
#$extn{'JPEG'} = 'jpeg';
#$extn{'WBMP'} = 'bmp';
#$extn{'XPM'} = 'xpm';
#$extn{'AOS'} = 'exe';
setpriority($PRIO_PROCESS, 0, $LOW_PRIORITY);
umask 022;
# Make sure the transient debug files get an unique file name.
$tt = time;
$debugfile1 = "debug/$tt.env";
$debugfile2 = "debug/$tt.bin";
$debugfile3 = "debug/$tt.err";
$debugfile4 = "debug/UPLOAD.log";
open(LFILE, ">>$debugfile4");
if ($ENV{'REQUEST_METHOD'} ne "POST") {
print "Status: 405 Method Not Allowed\n" .
"Content-Type: text/html\nAllow: POST\n\n" .
"<html>\n<head><title>405 Method Not Allowed</title></head>\n" .
"<body>\n<h1>405 Method Not Allowed</h1>\n" .
"<p>Your web browser <tt>$ENV{'HTTP_USER_AGENT'}</tt>\n" .
"used request method <tt>$ENV{'REQUEST_METHOD'}</tt>.\n" .
"To upload a file, request method must be <tt>POST</tt>.</p>\n" .
"</body>\n</html>\n";
print LFILE "$tt: 405 method not allowed.\n";
exit 0;
}
#@ee = split / /, $ENV{'CONTENT_TYPE'};
#chop @ee[0];
if ($ENV{'CONTENT_TYPE'} !~ /multipart\/form-data/) {
print "Cache-Control: no-cache\nPragma: no-cache\n" .
"Content-Type: text/html\n\n" .
"<html>\n<head><title>Wrong enctype</title>\n</head>\n<body><h1>Wrong enctype</h1>\n" .
"<p>The request specified an encoding type that can't be used for uploading files.\n" .
"Always use <tt>multipart/form-data</tt> for file uploads.</p>\n</body>\n</html>";
print LFILE "$tt: wrong enctype.\n";
exit 0;
}
if ($ENV{'CONTENT_LENGTH'} > $cgi_lib'maxdata) {
print "Cache-Control: no-cache\nPragma: no-cache\n" .
"Content-Type: text/html\n\n" .
"<html>\n<head><title>Too large</title></head>\n<body>\n<h1>Too large upload</h1>\n" .
"<p>Upload is $ENV{'CONTENT_LENGTH'} byte. Max size is $cgi_lib'maxdata byte.</p></body></html>";
print LFILE "$tt: file too large.\n";
exit 0;
}
$rr = read(STDIN,$in,$ENV{'CONTENT_LENGTH'});
system("/usr/bin/printenv >$debugfile1");
system("echo $rr >>$debugfile1");
open(DEBUG, ">$debugfile2");
print DEBUG $in;
close(DEBUG);
# For debugging
#print "Cache-Control: no-cache\nPragma: no-cache\n" .
# "Content-Type: text/html\n\n" .
# "<html><head><title>Raw upload data</title></head>\n" .
# "<body><h1>Raw upload data</h1>\n<hr><p>$in</p><hr></body></html>\n";
#print LFILE "$tt: dump of raw upload.\n";
#exit 0;
undef $in;
if ($ENV{'CONTENT_LENGTH'} != $rr) {
print "Status: 400 Bad Request\n" .
"Content-Type: text/html\n\n" .
"<html>\n<head><title>Problem in proxy</title></head>\n" .
"<body>\n<h1>You may have a problem in proxy.</h1>" .
"<p>Content-Length: is $ENV{'CONTENT_LENGTH'}," .
"actual length of submitted data is $rr.</p>\n</body>\n</html>\n";
print LFILE "$tt: possible problem with proxy.\n";
exit 0;
}
open(STDIN, "<$debugfile2");
$ret_rp = &ReadParse(*cgi_data,*cgi_cfn,*cgi_ct,*cgi_sfn);
$tmpfile1 = $cgi_cfn{'upload_data'};
# Yes, I'm paranoid - I don't trust ReadParse to fix this (gh).
if ($tmpfile1 =~ /^([-\@\w.]+)$/) {
$tmpfile1 = "upload/$1";
} else {
print LFILE "$tt: tainted data sent by $ENV{'REMOTE_ADDR'}: \"$tmpfile1\"\n";
$tmpfile1 = "upload/t$tt.bin";
}
if (! -e $cgi_sfn{'upload_data'} || -z $cgi_sfn{'upload_data'}) {
unlink values %cgi_sfn;
print "Cache-Control: no-cache\nPragma: no-cache\n" .
"Content-Type: text/html\n\n" .
"<html>\n<head><title>bad upload</title></head>\n<body>\n<h1>Bad upload</h1>\n" .
"<p>File failed to upload properly.</p>\n</body>\n</html>\n";
print LFILE "$tt: bad upload: \"$tmpfile1\".\n";
exit 0;
}
# Debug (uncomment necxt 13 lines to activate)
# print "Cache-Control: no-cache\nPragma: no-cache\n" .
# "Content-Type: text/html\n\n" .
# "<html>\n<head><title>Data</title></head>\n<body>\n<h1>Data</h1>\n<p>" .
# "tmpfile1: is [$tmpfile1]<br>\n" .
# "ret_rp: is [$ret_rp]<br>\n" .
# "cgi_data[upload_data]: is [$cgi_data{'upload_data'}]<br>\n" .
# "cgi_data[max_file_size]: is [$cgi_data{'max_file_size'}]<br>\n" .
# "cgi_data[sign]: is [$cgi_data{'sign'}]<br>\n" .
# "cgi_cfn[upload_data]: is [$cgi_cfn{'upload_data'}]<br>\n" .
# "cgi_ct[upload_data]: is [$cgi_ct{'upload_data'}]<br>\n" .
# "cgi_sfn[upload_data]: is [$cgi_sfn{'upload_data'}]</p>\n</body>\n</html>\n";
# print LFILE "$tt: aborted by debug routine.\n";
# exit 0;
# NB: We don't check if we overwrite something.
system "/usr/bin/cp $cgi_sfn{'upload_data'} $tmpfile1 >$debugfile3 2>&1";
if (! -e $tmpfile1 || -z $tmpfile1) {
unlink "$tmpfile1", values %cgi_sfn;
open(FILE, "<$debugfile3");
print "Cache-Control: no-cache\nPragma: no-cache\n" .
"Content-Type: text/plain\n\n", <FILE>;
print LFILE "$tt: could not copy tmpfile.\n";
exit 0;
}
# Link to uploaded file to visualize.
print "Content-Type: text/html\n\n" .
"<html><head><title>Upload file using Perl</title></head>\n<body>\n" .
"<h1>Upload file using Perl</h1>\n<p><a href=\"" . $tmpfile1 .
"\">Click here</a> to view result of upload.</p>\n</body>\n</html>\n";
unlink values %cgi_sfn;
unlink $debugfile1, $debugfile2, $debugfile3;
print LFILE "$tt: success, \"$tmpfile1\".\n";
exit 0;
# EOF
Link Page is:
http://gardening101.org/upload/upload.php
The required secondary cgi file is the commonly used: cig-lib.pl
Any help is greatly appreciated.
Thank you