Closed Bug 113459 Opened 24 years ago Closed 23 years ago

Bad regexp in emailregexp causes system lockout

Tracking

()

Status:

RESOLVED FIXED

Milestone:

Bugzilla 2.18

People

(Reporter: bugreport, Assigned: justdave)

Details

Votes:

Attachments

(1 file, 2 obsolete files)

Patch to test email regexps 23 years ago Joel Peshkin 977 bytes, patch	bbaetz : review-	Details \| Diff \| Splinter Review
cleaner version 23 years ago Joel Peshkin 955 bytes, patch		Details \| Diff \| Splinter Review
this one.... 23 years ago Joel Peshkin 954 bytes, patch	bbaetz : review+ bbaetz : review+	Details \| Diff \| Splinter Review

Joel Peshkin

Reporter

Description

•

24 years ago

If the preferences web interface is used to change emailregexp to $::param{'emailregexp'} = '^[^@]*@[^@]**$'; Subsequent login attempts result in.... Software error: /^[^@]*@[^@]**$/: nested *?+ in regexp at CGI.pl line 707. And it is no longer possible to log in and fix it. Workaround - edit data/params to fix the erroneous pattern. Suggested fix - add validation of regexps to forms that permit users to enter them

Matthew Tuck [:CodeMachine]

Updated

•

24 years ago

Priority: -- → P2

Target Milestone: --- → Bugzilla 2.18

Joel Peshkin

Reporter

Comment 1

•

23 years ago

Attached patch Patch to test email regexps (obsolete) — Details — Splinter Review

Ok... about time to fix this

Bradley Baetz (:bbaetz)

Comment 2

•

23 years ago

Comment on attachment 93380 [details] [diff] [review] Patch to test email regexps Put the \&checkregexp on a separate line to match prevailing style. Also, eval qr/$value/ rather than doing a dummy match - its 'nicer'

Attachment #93380 - Flags: review-

Joel Peshkin

Reporter

Comment 3

•

23 years ago

Attached patch cleaner version (obsolete) — Details — Splinter Review

Joel Peshkin

Reporter

Comment 4

•

23 years ago

Attached patch this one.... — Details — Splinter Review

Attachment #93380 - Attachment is obsolete: true

Attachment #93381 - Attachment is obsolete: true

Bradley Baetz (:bbaetz)

Comment 5

•

23 years ago

Comment on attachment 93382 [details] [diff] [review] this one.... >+sub checkregexp { >+ my ($value) = (@_); >+ eval { qr/$value/ }; >+ return $@ ; >+} r=bbaetz x2 if you remove the space before the ;

Attachment #93382 - Flags: review+

Joel Peshkin

Reporter

Comment 6

•

23 years ago

Checking in defparams.pl; /cvsroot/mozilla/webtools/bugzilla/defparams.pl,v <-- defparams.pl new revision: 1.81; previous revision: 1.80 done

Status: NEW → RESOLVED

Closed: 23 years ago

Resolution: --- → FIXED

Nobody; OK to take it and work on it

Updated

•

13 years ago

QA Contact: matty_is_a_geek → default-qa

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Bad regexp in emailregexp causes system lockout

Categories

(Bugzilla :: Administration, task, P2)

Tracking

()

People

(Reporter: bugreport, Assigned: justdave)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file, 2 obsolete files)

Description

Updated

Comment 1

Comment 2

Comment 3

Comment 4

Comment 5

Comment 6

Updated

Attachment

General

Description

File Name

Content Type