The default bug view has changed. See this FAQ.

md5_hex() fails if a saved search has UTF8 characters in it

RESOLVED FIXED in Bugzilla 3.2

Status

()

Bugzilla
Query/Bug List
--
critical
RESOLVED FIXED
8 years ago
8 years ago

People

(Reporter: himorin, Assigned: Frédéric Buclin)

Tracking

({regression})

3.2.2
Bugzilla 3.2
regression
Bug Flags:
approval +
approval3.2 +
blocking3.2.3 +

Details

Attachments

(1 attachment)

933 bytes, patch
Max Kanat-Alexander
: review+
himorin
: review+
Details | Diff | Splinter Review
(Reporter)

Description

8 years ago
issue_hash_token(), introduced by last security fix, uses directly md5_hex with the internal data.
As the bug (or spec) of Digest:: modules, we must encode, using encode_utf8() or something, the utf-8 data before using md5_hex().

For the document, refer pod of the Digest::MD5.
(Assignee)

Comment 1

8 years ago
Hum yeah, I can reproduce. If a saved search name has UTF8 characters in it, buglist.cgi and userprefs.cgi?tab=saved-searches both fails with:

undef error - Wide character in subroutine entry at Bugzilla/Token.pm line 183.
Flags: blocking3.2.3+
Flags: blocking3.0.9+
Target Milestone: --- → Bugzilla 3.0
(Assignee)

Comment 2

8 years ago
Err... I just tested on 3.0.8, and it's not affected by the problem.
Flags: blocking3.0.9+
Target Milestone: Bugzilla 3.0 → Bugzilla 3.2

Comment 3

8 years ago
Ahh, this is basically the same bug as bug 431201, then, just in a different place. What's funny is that, using the Digest.pm interface, this doesn't seem to happen (I tested it when I wrote the SHA-1 patch--maybe it's just not necessary for Digest::SHA, but it is necessary for Digest::MD5).
(Assignee)

Comment 4

8 years ago
Created attachment 361189 [details] [diff] [review]
patch, v1

Use the same trick as in bug 453767.
Assignee: query-and-buglist → LpSolit
Status: NEW → ASSIGNED
Attachment #361189 - Flags: review?(mkanat)
(Assignee)

Updated

8 years ago
Attachment #361189 - Flags: review?(shimono)
(Assignee)

Updated

8 years ago
Keywords: regression

Comment 5

8 years ago
Comment on attachment 361189 [details] [diff] [review]
patch, v1

Looks good to me. I assume you tested it and it works?
Attachment #361189 - Flags: review?(mkanat) → review+
(Assignee)

Comment 6

8 years ago
yup. But I also tested security patches, and they still regressed something. :-(
(Assignee)

Updated

8 years ago
Duplicate of this bug: 477585
(Assignee)

Updated

8 years ago
Flags: approval3.2+
Flags: approval+
(Assignee)

Updated

8 years ago
Attachment #361189 - Flags: review?(shimono)
(Assignee)

Comment 8

8 years ago
tip:

Checking in Bugzilla/Token.pm;
/cvsroot/mozilla/webtools/bugzilla/Bugzilla/Token.pm,v  <--  Token.pm
new revision: 1.58; previous revision: 1.57
done

3.2.2:

Checking in Bugzilla/Token.pm;
/cvsroot/mozilla/webtools/bugzilla/Bugzilla/Token.pm,v  <--  Token.pm
new revision: 1.55.2.2; previous revision: 1.55.2.1
done
Status: ASSIGNED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
Summary: Cannot use saved search with utf-8 name (issue_hash_token problem) → md5_hex() fails if a saved search has UTF8 characters in it
(Reporter)

Comment 9

8 years ago
Comment on attachment 361189 [details] [diff] [review]
patch, v1

Sorry for late.
I've checked with our test site, and works well.
Attachment #361189 - Flags: review+
(Assignee)

Updated

8 years ago
Duplicate of this bug: 478193
(Assignee)

Updated

8 years ago
Duplicate of this bug: 480705
(Assignee)

Updated

8 years ago
Duplicate of this bug: 481661
You need to log in before you can comment on or make changes to this bug.