Closed
Bug 113459
Opened 23 years ago
Closed 22 years ago
Bad regexp in emailregexp causes system lockout
Categories
(Bugzilla :: Administration, task, P2)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: bugreport, Assigned: justdave)
Details
Attachments
(1 file, 2 obsolete files)
954 bytes,
patch
|
bbaetz
:
review+
bbaetz
:
review+
|
Details | Diff | Splinter Review |
If the preferences web interface is used to change emailregexp to
$::param{'emailregexp'} = '^[^@]*@[^@]**$';
Subsequent login attempts result in....
Software error:
/^[^@]*@[^@]**$/: nested *?+ in regexp at CGI.pl line 707.
And it is no longer possible to log in and fix it.
Workaround - edit data/params to fix the erroneous pattern.
Suggested fix - add validation of regexps to forms that permit users to enter
them
Updated•23 years ago
|
Priority: -- → P2
Target Milestone: --- → Bugzilla 2.18
Reporter | ||
Comment 1•22 years ago
|
||
Ok... about time to fix this
Comment 2•22 years ago
|
||
Comment on attachment 93380 [details] [diff] [review]
Patch to test email regexps
Put the \&checkregexp on a separate line to match prevailing style.
Also, eval qr/$value/ rather than doing a dummy match - its 'nicer'
Attachment #93380 -
Flags: review-
Reporter | ||
Comment 3•22 years ago
|
||
Reporter | ||
Comment 4•22 years ago
|
||
Attachment #93380 -
Attachment is obsolete: true
Attachment #93381 -
Attachment is obsolete: true
Comment 5•22 years ago
|
||
Comment on attachment 93382 [details] [diff] [review]
this one....
>+sub checkregexp {
>+ my ($value) = (@_);
>+ eval { qr/$value/ };
>+ return $@ ;
>+}
r=bbaetz x2 if you remove the space before the ;
Attachment #93382 -
Flags: review+
Reporter | ||
Comment 6•22 years ago
|
||
Checking in defparams.pl;
/cvsroot/mozilla/webtools/bugzilla/defparams.pl,v <-- defparams.pl
new revision: 1.81; previous revision: 1.80
done
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•