[Vmail-discuss] http_unescape bug
Marcin Sochacki
wanted@gnu.univ.gda.pl
Mon, 4 Nov 2002 11:49:19 +0100
There is a bug in DomainAdmin.pm, which prevents setting passwords with
some special characters in them. I've spotted the problem when trying
to set a password with colon in it e.g. 'secret2:2'
Of course the bug is only seen when changing the password via the web
interface.
The problem lies in subroutine http_unescape:
$text =~ s/\%(\d+)/chr(hex($1))/ge;
should be changed to something like:
$text =~ s/\%([\dA-Fa-f]{2})/chr(hex($1))/ge;
Marcin
--
Windows 2000: A reliable comprehensive and integrated operating system
platform delivering seamless interoperability, scalability,
and performance, and broad application support.
Open Source: No f*ing buzzwords.