Last modified: 2010-05-15 14:36:07 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T2095, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 95 - Only first five template inclusions work
Status: CLOSED FIXED
Product: MediaWiki
Classification: Unclassified
Component: Templates
Version: unspecified
Hardware: All All
Importance: Normal normal with 3 votes
Assigned To: Nobody
Duplicates: 55 124 426 863 949 1019 1112
Reported: 2004-08-16 06:01 UTC by Timwi
Modified: 2010-05-15 14:36 UTC (History)

Description Timwi 2004-08-16 06:01:12 UTC
BUG MIGRATED FROM SOURCEFORGE
http://sourceforge.net/tracker/index.php?func=detail&aid=967833&group_id=34373&atid=411192
Originally submitted by John Ky (newhoggy)  2004-06-07 01:48


Suppose I add the following text to a page:

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

The page will only include the first five instances of
{{msg:Mediaweapon}}.  The rest of them behave as if
they were: [[Template:Mediaweapon]]

------------------------- Additional comments ------------------------
Date: 2004-06-07 06:08
Sender: SF user hashar

This is hardcoded in parser.php:
define( "MAX_INCLUDE_REPEAT", 5 );

It's to prevent a possible attack :o)
-------------------------------------------------
Date: 2004-06-07 07:25
Sender: SF user phil_e

hashar, this feature is boring e.g. on fr you know we use a
lot of:

{{msg:le}} [externllink]
{{msg:le}} [externllink]
etc.

~phe

-------------------------------------------------
Date: 2004-06-07 10:15
Sender: nobody
Logged In: NO 

Thanks.  I'll choose a slightly bigger number for now. 
Would it be possible to relax this constraint for small
templates?

-------------------------------------------------
Date: 2004-06-09 04:28
Sender: SF user hashar

This is hardcoded site wide. I don't think a template should
be used that much.

The only reason so far to change this setting is the example
of fr.wikipedia.org. The {{msg:le}} template is used before
each external link for the purpose of showing a little earth
icon. That should be replaced by a css tweak for .
-------------------------------------------------
Date: 2004-06-14 05:17
Sender: SF user thrasher6669

just as another thought, i'm using templates on my wiki:
gentoo-wiki.com and i can easily get into areas where i can
use a template 5+ even 10+ times, just ran into this
problem today...

I'm using it to help facilitate uniform looking pages, my
site contains many code snippets and i have provided in the
form of a template a uniform table to show off this code
e.g.(  {{code box|code title| Your code here}}  )

and with the possible code snippets getting quite large on
some page i could easily use 10+.  Now i could see something
similar happening on wikipedia or other wikis.

i was just wondering what kind of attack this is trying to
prevent...  I haven't had a chance to look at the code but i
would assume you are using regex to do replacements.

sorry if i didn't make much sense there...
oh here's an example of a page that _could_ use my templates
extensively: http://gentoo-wiki.com/HOWTO_setup_a_home-server
(I would be replacing all of the green boxes with the
example above http://gentoo-wiki.com/Template:Box_Code)
Comment 1 Rowan Collins [IMSoP] 2004-08-16 23:40:45 UTC
*** Bug 124 has been marked as a duplicate of this bug. ***
Comment 2 SJ 2004-08-18 23:02:43 UTC
*** Bug 55 has been marked as a duplicate of this bug. ***
Comment 3 xmlizer 2004-08-19 09:09:44 UTC
has not this limit been raised to 20 (I saw this on CVS) ?
Comment 4 Gerard Meijsssen 2004-09-08 21:31:46 UTC
*** Bug 426 has been marked as a duplicate of this bug. ***
Comment 5 boud 2004-09-10 16:17:33 UTC
> Date: 2004-06-09 04:28
> Sender: SF user hashar
> 
> This is hardcoded site wide. I don't think a template should
> be used that much.

IMHO there is a major weakness - an inconsistency - in wikipedia at the moment,
which is that in the many, many excellent articles regarding mathematics,
physics etc, there are very rarely any links to '''software''' which is free
under the GPL or other free (as in speech) licences. It's a bit like a democracy
where every political party is itself internally a dictatorship. Well, maybe
that's a poor analogy. In any case, i've got started on

http://en.wikipedia.org/wiki/Computer_algebra_system

and i haven't thought up of any more elegant method than templates. (i'm not
totally happy with the template either - something like a GNU or Penguin would
be nice, but not really fair since not all free software is, strictly speaking,
GNU or Linux, even if the authors would probably not mind being associated.
Anyone with a better idea please propose it or try it). 

Anyway, since there are more than five free (as in speech) software packages in
the list, the template fails for the sixth and further.

IMHO the limit should be increased, surely 20 or even 30 is probably OK. 

Hmmm. A short term solution would be to put the Free software template as a
header and regroup the packages.
Comment 6 Spundun Bhatt 2004-10-01 08:34:53 UTC
Another example of this bug is described in this comment that I posted on #mediawiki a few minutes back
[01:00] <Spundun> There seems a bug with complex use of templates in media wiki.... I can show the bug on meta.wikimedia.org
[01:03] <Spundun> If you go to http://meta.wikimedia.org/wiki/Help:Index and go to the section "For system Administrators" there you will see the Template:Ed shown as Template:Ed instead of the contents of the Template:Ed... the same template is used in the sections above and works fine. Also if you click on the "View This TOC Alone" next to that mis processed link, you will see Template:Ed processed properly there. To me it looks like a bug where
[01:03] <Spundun> after a certain amount of template usage.. mediawiki sw gets borked
Comment 7 Olivier Mengué 2004-10-06 10:23:09 UTC
On :fr we are using a template named "er" that is "<small><sup>er</sup></small>". We are using it to format 1{{er}} (1st).

See http://fr.wikipedia.org/wiki/366_jours
The template is here : http://fr.wikipedia.org/wiki/Mod%C3%A8le:Er

If the limit is set to avoid an attack, maybe a size limit for (more than 5) repeated templates could solve the problem. For example, if the template text is less than 100 chars, it may be replaced up to 200 times instead of 5. Or it may be a limit on the total [template size] x [repetitions] < 4096 chars if [repetitions] > 5.

http://fr.wikipedia.org/wiki/Utilisateur:Olivier_Mengu%C3%A9
Comment 8 Llull 2004-10-11 13:17:08 UTC
I suppose that this is the same bug. In ca: we were using templates for lists of population nucleus:

http://ca.wikipedia.org/wiki/Montblanc

If the municipality has 1-5 nucleus then the templates work well. But with more... I can't understand how this limit can help.
Comment 9 lɛʁi לערי ריינהארט 2004-11-09 19:34:24 UTC
Dear friends,
I found an indication about bug #95 at [[meta:Help:Template#Multiple inclusion of the same template in a page]].

According to my opinion a restriction would not make sense at all. Especially if you think only what ''we'' do '''now'''. In the documentation it is described how to make copies of the template and use them after the restriction number is exhausted.

I was thinking at some alternative views of the same content as done in the main part at [[User:Gangleri/tests/list]], [[User:Gangleri/tests/list (maintenance)]] and [[User:Gangleri/tests/list (maintenance) IMSoP]]. Their maintenance is quite easy because only [[User:Gangleri/tests/list (template)]] needs to be updated and three other templates are used as a parameter to achieve the three views.

Such maintenance lists require hundreds of entries. Participants in the Wikipedia dog breed project are talking of a number above 800.

I do not understand where the problem is. According to my knowledge there is no way to implement the [[Ackermann function]] because this would require comparison, decrementation, multiplication, ... and recursive calls of templates.

It makes no sense to limit the page sizes because maintenance pages accessible through http: can be very large. If it is a problem sysops can watch abnormal behavior, unknown / new pages with excessive size and so on.

Regards Reinhardt
Comment 10 lɛʁi לערי ריינהארט 2004-11-10 01:13:21 UTC
I agree that infinite recursion is a problem and that there are always ways for misuse.
Please do not implement the detection of infinite recursion / limitation of recursion TO THE SAME TEMPLATE as counting the occurrence. It would be an easy way to detect it, but THESE ARE TWO SEPARATE THINGS.

''Templates'' relate to the mode of inclusion (supporting also parameters) and are not limited to the template namespace. Objects such as articles (it is just a consensus that articles should not ''look'' like templates), subpages, talks, projects, ... can all use this method.

The limitation of template (as method) recursion (also via a chain a -> b -> ... -> n -> a) needs analysis of any of these objects

a) when they are saved
b) it is suitable to have the analysis in the preview too
c) maybe all existing objects in the database need to be analysed because "the bad guys" / "bombs" may already be there (they are not active because they are cached) and activation "&action=purge" would need to handle the analysis.

I assume that existing templates are not very complex and only a few objects refer to templates with other templates as parameters. The analysis is a graph analysis and one could do the following:
- each time you cross a "new" node, you remember the name and set THE COUNTER FOR THIS PARTICULAR NODE to zero;
- when you cross a node already identified you increment THE COUNTER FOR THIS PARTICULAR NODE and compare it with a threshold value. If you reach the threshold display an appropriate error text.

Regards Reinhardt
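
The two guards proposed in comments 7 and 10 (a budget on total expanded size, and loop detection kept separate from counting how often a template is used), as an added Python sketch; it is not MediaWiki's parser code. The names `expand`, `ExpansionError`, the 4096-character default, the depth limit and the sample templates are assumptions for illustration.

```python
import re

CALL = re.compile(r"\{\{([^{}|]+)\}\}")  # parameterless {{Name}} calls only

class ExpansionError(Exception):
    """The page would loop forever or exceed the output budget."""

# Constructed sample templates; "er" is the small one quoted in comment 7.
TEMPLATES = {
    "er": "<small><sup>er</sup></small>",
    "a": "x{{b}}",          # a -> b -> a is a loop
    "b": "y{{a}}",
    "big": "A" * 1000,
}

def expand(text, templates, max_output=4096, max_depth=10):
    """Expand {{Name}} calls with no cap on how often a name is used."""
    budget = [max_output]   # one budget for the whole page

    def spend(chunk):
        # Every literal character that reaches the output is charged once.
        budget[0] -= len(chunk)
        if budget[0] < 0:
            raise ExpansionError("output budget exceeded")
        return chunk

    def walk(src, stack):
        # stack holds the names being expanded right now, outermost first.
        out, pos = [], 0
        for m in CALL.finditer(src):
            out.append(spend(src[pos:m.start()]))
            pos = m.end()
            name = m.group(1).strip()
            if name not in templates:
                out.append(spend("[[Template:%s]]" % name))
            elif name in stack:
                # Re-entering an open template is a loop; reuse elsewhere is not.
                raise ExpansionError("loop: " + " -> ".join(stack + (name,)))
            elif len(stack) >= max_depth:
                raise ExpansionError("nesting deeper than %d" % max_depth)
            else:
                out.append(walk(templates[name], stack + (name,)))
        out.append(spend(src[pos:]))
        return "".join(out)

    return walk(text, ())
```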
Comment 11 Brion Vibber 2004-11-11 05:35:17 UTC
*** Bug 863 has been marked as a duplicate of this bug. ***
Comment 12 Toby 2004-11-26 00:45:13 UTC
I have to agree this is a somewhat strange bug in that there must be better ways
to check for malicious coding. The main reason for using templates is, to me, to
maintain consistency and to make it easier to change the look and feel across a
set of pages, as well as to make life easier for editors. Any limitation on how
many times a given template can be used in a page is very restrictive for any
sorts of lists at all.
Comment 13 Brion Vibber 2004-11-26 00:50:32 UTC
This has been fixed ages ago in 1.4, which we will be rolling out onto Wikipedia in 
the next few weeks.
Comment 14 Brion Vibber 2004-11-27 10:39:23 UTC
*** Bug 949 has been marked as a duplicate of this bug. ***
Comment 15 Brion Vibber 2004-12-06 14:39:00 UTC
*** Bug 1019 has been marked as a duplicate of this bug. ***
Comment 16 Rowan Collins [IMSoP] 2004-12-16 12:50:01 UTC
*** Bug 1112 has been marked as a duplicate of this bug. ***
