⚓ T2095 Only first five template inclusions work
Closed, Resolved (Public)

Description

Author: timwi

Description:
BUG MIGRATED FROM SOURCEFORGE
http://sourceforge.net/tracker/index.php?func=detail&aid=967833&group_id=34373&atid=411192
Originally submitted by John Ky (newhoggy) 2004-06-07 01:48

Suppose I add the following text to a page:

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

{{msg:Mediaweapon}}

The page will only include the first five instances of
{{msg:Mediaweapon}}. The rest of them behave as if
they were: [[Template:Mediaweapon]]

------------------------ Additional comments ------------------------

Date: 2004-06-07 06:08
Sender: SF user hashar

This is hardcoded in parser.php:
define( "MAX_INCLUDE_REPEAT", 5 );

It's to prevent a possible attack :o)

Date: 2004-06-07 07:25
Sender: SF user phil_e

hashar, this feature is boring e.g. on fr you know we use a
lot of:

{{msg:le}} [externllink]
{{msg:le}} [externllink]
etc.

~phe


Date: 2004-06-07 10:15
Sender: nobody
Logged In: NO

Thanks. I'll choose a slightly bigger number for now.
Would it be possible to relax this constraint for small
templates?


Date: 2004-06-09 04:28
Sender: SF user hashar

This is hardcoded site wide. I don't think a template should
be used that much.

The only reason so far to change this setting is the example
of fr.wikipedia.org. The {{msg:le}} template is used before
each external link for the purpose of showing a little earth
icon. That should be replaced by a css tweak for .

Date: 2004-06-14 05:17
Sender: SF user thrasher6669

just as another thought, i'm using templates on my wiki:
gentoo-wiki.com and i can easily get into areas where i can
use a template 5+ even 10+ times, just ran into this
problem today...

I'm using it to help facilitate uniform looking pages, my
site contains many code snippets and i have provided in the
form of a template a uniform table to show off this code
e.g.( {{code box|code title| Your code here}} )

and with the possible code snippets getting quite large on
some pages i could easily use 10+. Now i could see something
similar happening on wikipedia or other wikis.

i was just wondering what kind of attack this is trying to
prevent... I haven't had a chance to look at the code but i
would assume you are using regex to do replacements.

sorry if i didn't make much sense there...
oh here's an example of a page that _could_ use my templates
extensively: http://gentoo-wiki.com/HOWTO_setup_a_home-server
(I would be replacing all of the green boxes with the
example above http://gentoo-wiki.com/Template:Box_Code)


Version: unspecified
Severity: normal

Details

Reference
bz95

Revisions and Commits

Event Timeline

bzimport raised the priority of this task from to Medium. Nov 21 2014, 6:50 PM
bzimport set Reference to bz95.
bzimport added a subscriber: Unknown Object (MLST).

rowan.collins wrote:

*** Bug 124 has been marked as a duplicate of this bug. ***

*** Bug 55 has been marked as a duplicate of this bug. ***

xmlizer wrote:

has not this limit been raised to 20 (I saw this on CVS) ?

gerardm wrote:

*** Bug 426 has been marked as a duplicate of this bug. ***

boud1 wrote:

Date: 2004-06-09 04:28
Sender: SF user hashar

This is hardcoded site wide. I don't think a template should
be used that much.

IMHO there is a major weakness - an inconsistency - in wikipedia at the moment,
which is that in the many, many excellent articles regarding mathematics,
physics etc, there are very rarely any links to '''software''' which is free
under the GPL or other free (as in speech) licences. It's a bit like a democracy
where every political party is itself internally a dictatorship. Well, maybe
that's a poor analogy. In any case, i've got started on

http://en.wikipedia.org/wiki/Computer_algebra_system

and i haven't thought up of any more elegant method than templates. (i'm not
totally happy with the template either - something like a GNU or Penguin would
be nice, but not really fair since not all free software is, strictly speaking,
GNU or Linux, even if the authors would probably not mind being associated.
Anyone with a better idea please propose it or try it).

Anyway, since there are more than five free (as in speech) software packages in
the list, the template fails for the sixth and further.

IMHO the limit should be increased, surely 20 or even 30 is probably OK.

Hmmm. A short term solution would be to put the Free software template as a
header and regroup the packages.

spundun wrote:

Another example of this bug is described in this comment that I posted on MediaWiki-General a few minutes back
[01:00] <Spundun> There seems a bug with complex use of templates in media wiki.... I can show the bug on meta.wikimedia.org
[01:03] <Spundun> If you go to http://meta.wikimedia.org/wiki/Help:Index and go to the section "For system Administrators" there
you will see the Template:Ed shown as Template:Ed instead of the contents of the Template:Ed... the same template is used in the sections
above and works fine. Also if you click on the "View Thie TOC Alone" next to that mis processed link, you will see Template:Ed processed
properly there. To me it looks like a bug where
[01:03] <Spundun> after a certain amount of template usage.. mediawiki sw gets borked

dolmen wrote:

On :fr we are using a template named "er" that is "<small><sup>er</sup></small>". We are using it to format 1{{er}} (1st).

See http://fr.wikipedia.org/wiki/366_jours
The template is here : http://fr.wikipedia.org/wiki/Mod%C3%A8le:Er

If the limit is set to avoid an attack, maybe a size limit for (more than 5) repeated templates could solve the problem. For example, if the template text is
less than 100 chars, it may be replaced up to 200 times instead of 5. Or it may be a limit on the total [template size] x [repetitions] < 4096 chars if
[repetitions] > 5.

http://fr.wikipedia.org/wiki/Utilisateur:Olivier_Mengu%C3%A9

paubcrespo wrote:

I suppose that this is the same bug. In ca: we were using templates for lists of population nucleus:

http://ca.wikipedia.org/wiki/Montblanc

If the municipality has 1-5 nucleus then the templates works well. But with more... I can't
understand how this limit can help.

gangleri wrote:

Dear friends,
I found an indication about bug #95 at [[meta:Help:Template#Multiple inclusion of the same
template in a page]].

According to my opinion a restriction would not make sense at all. Especially if you think only
what ''we'' do '''now'''. In the documentation it is described how to make copies of the template
and use them after the restriction number is exhausted.

I was thinking at some alternative views of the same content as done in the main part at
[[User:Gangleri/tests/list]], [[User:Gangleri/tests/list (maintenance)]] and
[[User:Gangleri/tests/list (maintenance) IMSoP]]. Their maintenance is quite easy because only
[[User:Gangleri/tests/list (template)]] needs to be updated and three other templates are used as
a parameter to achieve the three views.

Such maintenance lists require hundreds of entries. Participants in the Wikipedia dog breed
project are talking of a number above 800.

I do not understand where the problem is. According to my knowledge there is no way to implement
the [[Ackermann function]] because this would require comparison, decrementation,
multiplication, ... and recursive calls of templates.

It makes no sense to limit the page sizes because maintenance pages accessible through http: can be
very large. If it is a problem sysops can watch abnormal behavior, unknown / new pages with
excessive size and so on.

Regards Reinhardt

gangleri wrote:

I agree that infinite recursion is a problem and that there are always ways
for misuse.
Please do not implement the detection of infinite recursion / limitation of
recursion TO THE SAME TEMPLATE as counting the occurrence. It would be an easy
way to detect it, but THESE ARE TWO SEPARATE THINGS.

''Templates'' relate to the mode of inclusion (supporting also parameters)
and are not limited to the template namespace. Objects as articles (it is
just a consensus that articles should not ''look'' as templates), subpages,
talks, projects, ... can all use this method.

The limitation of template (as method) recursion (also via a chain a -> b ->
... -> n -> a) needs analysis of any of these objects

a) when they are saved
b) it is suitable to have the analysis in the preview too
c) maybe all existing objects in the database need to be analysed
because "the bad guys" / "bombs" may already be there (they are not active
because they are cached) and activation "&action=purge" would need to handle
the analysis.

I assume that existing templates are not very complex and only a few objects
refer to templates with other templates as parameters. The analysis is a graph
analysis and one could do the following:

  • each time you cross a "new" node, you remember the name and set THE COUNTER
    FOR THIS PARTICULAR NODE to zero;
  • when you cross a node already identified you increment THE COUNTER FOR THIS
    PARTICULAR NODE and compare it with a threshold value. If you reach the
    threshold display an appropriate error text.

Regards Reinhardt
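
Added example (not part of the thread and not MediaWiki's parser code): a small Python model of the two ideas discussed above. `expand_counting` caps how often one template expands per page, as `MAX_INCLUDE_REPEAT` is described as doing, while `expand_chain` tracks only the active inclusion chain to refuse loops and charges every inclusion against a total size budget, a variation on the [template size] x [repetitions] < 4096 proposal. Function names, the `{{Name}}` regex and the sample templates `a` and `b` are assumptions made for the illustration.

```python
import re

INCLUDE = re.compile(r"\{\{([^{}|]+)\}\}")  # parameterless {{Name}} inclusions only

class ExpansionError(Exception):
    """Raised when expansion is refused (loop or budget)."""

def expand_counting(text, templates, max_repeat=5, seen=None):
    """Per-page occurrence cap: uses past max_repeat are left as a plain link."""
    seen = {} if seen is None else seen
    def sub(m):
        name = m.group(1).strip()
        seen[name] = seen.get(name, 0) + 1
        if name not in templates or seen[name] > max_repeat:
            return "[[Template:%s]]" % name
        return expand_counting(templates[name], templates, max_repeat, seen)
    return INCLUDE.sub(sub, text)

def expand_chain(text, templates, max_chars=4096, chain=(), budget=None):
    """Refuse loops via the active inclusion chain; bound total work with a budget."""
    budget = [max_chars] if budget is None else budget
    def sub(m):
        name = m.group(1).strip()
        if name not in templates:
            return "[[Template:%s]]" % name
        if name in chain:  # a -> b -> ... -> a
            raise ExpansionError("template loop: " + " -> ".join(chain + (name,)))
        budget[0] -= len(templates[name])  # charge the body size once per inclusion
        if budget[0] < 0:
            raise ExpansionError("expansion budget exceeded")
        return expand_chain(templates[name], templates, max_chars, chain + (name,), budget)
    return INCLUDE.sub(sub, text)

# Constructed sample data: "er" is the body quoted in the thread; "a" and "b" form a loop.
TEMPLATES = {"er": "<small><sup>er</sup></small>", "a": "x{{b}}", "b": "y{{a}}"}
PAGE = "1{{er}} " * 10

def refusal(text):
    """Return expand_chain's refusal message, or None if expansion succeeded."""
    try:
        expand_chain(text, TEMPLATES)
    except ExpansionError as exc:
        return str(exc)
    return None

if __name__ == "__main__":
    print(expand_counting(PAGE, TEMPLATES).count("[[Template:er]]"), "uses left unexpanded")
    print(expand_chain(PAGE, TEMPLATES).count("<sup>er</sup>"), "uses expanded")
    print(refusal("{{a}}"))
```

The counting model does terminate on the `a`/`b` loop, but only after expanding it five times, and it breaks the legitimate ten-use page; the chain model expands all ten uses and still refuses both the loop and a page whose total inclusions exceed the budget.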

*** Bug 863 has been marked as a duplicate of this bug. ***

shepheardt wrote:

I have to agree this is a somewhat strange bug in that there must be better ways
to check for malicious coding. The main reason for using templates is, to me, to
maintain consistency and to make it easier to change the look and feel across a
set of pages, as well as to make life easier for editors. Any limitation on how
many times a given template can be used in a page is very restrictive for any
sorts of lists at all.

This has been fixed ages ago in 1.4, which we will be rolling out onto Wikipedia in
the next few weeks.

*** Bug 949 has been marked as a duplicate of this bug. ***

*** Bug 1019 has been marked as a duplicate of this bug. ***

rowan.collins wrote:

*** Bug 1112 has been marked as a duplicate of this bug. ***

Diffusion added a commit: Unknown Object (Diffusion Commit). Mar 4 2015, 8:19 AM