[Vmail-discuss] http_unescape bug

Marcin Sochacki wanted@gnu.univ.gda.pl
Mon, 4 Nov 2002 11:49:19 +0100

There is a bug in DomainAdmin.pm, which prevents setting passwords with
some special characters in them. I've spotted the problem when trying
to set a password with colon in it e.g. 'secret2:2'

Of course the bug is only seen when changing the password via the web

The problem lies in subroutine http_unescape:
    $text =~ s/\%(\d+)/chr(hex($1))/ge;
should be changed to something like:
    $text =~ s/\%([\dA-Fa-f]{2})/chr(hex($1))/ge;


Windows 2000: A reliable comprehensive and integrated operating system
              platform delivering seamless interoperability, scalability,
              and performance, and broad application support.
Open Source:  No f*ing buzzwords.