X-Git-Url: https://git.donarmstrong.com/?p=debbugs.git;a=blobdiff_plain;f=cgi%2Fbugreport.cgi;h=9064ca8c0565abf666dd397031f3973f86bc2998;hp=def15df910243cdd5ddd8fabb5f4a2e4a6b29533;hb=1cda40c7b331de6c31df360b48ed28cbc7b4db5a;hpb=4cff682760150b988cdf40fc866adf47364c8392

diff --git a/cgi/bugreport.cgi b/cgi/bugreport.cgi
index def15df..9064ca8 100755
--- a/cgi/bugreport.cgi
+++ b/cgi/bugreport.cgi
@@ -1,8 +1,14 @@
-#!/usr/bin/perl -wT
+#!/usr/bin/perl
 
 use warnings;
 use strict;
 
+# Sanitize environent for taint
+BEGIN{
+    delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
+}
+
+
 use POSIX qw(strftime);
 use MIME::Parser;
 use MIME::Decoder;
@@ -19,6 +25,8 @@ use Debbugs::Common qw(buglog getmaintainers make_list bug_status);
 use Debbugs::Packages qw(getpkgsrc);
 use Debbugs::Status qw(splitpackages split_status_fields get_bug_status isstrongseverity);
 
+use Debbugs::User;
+
 use Scalar::Util qw(looks_like_number);
 
 use Debbugs::Text qw(:templates);
@@ -28,12 +36,14 @@ use List::Util qw(max);
 
 use CGI::Simple;
 my $q = new CGI::Simple;
+# STDOUT should be using the utf8 io layer
+binmode(STDOUT,':raw:encoding(UTF-8)');
 
 my %param = cgi_parameters(query => $q,
 			   single => [qw(bug msg att boring terse),
 				      qw(reverse mbox mime trim),
 				      qw(mboxstat mboxmaint archive),
-				      qw(repeatmerged)
+				      qw(repeatmerged avatars),
 				     ],
 			   default => {# msg       => '',
 				       boring    => 'no',
@@ -45,6 +55,7 @@ my %param = cgi_parameters(query => $q,
 				       mboxmaint => 'no',
 				       archive   => 'no',
 				       repeatmerged => 'yes',
+                                       avatars   => 'yes',
 				      },
 			  );
 # This is craptacular.
@@ -60,6 +71,7 @@ my $terse = $param{'terse'} eq 'yes';
 my $reverse = $param{'reverse'} eq 'yes';
 my $mbox = $param{'mbox'} eq 'yes';
 my $mime = $param{'mime'} eq 'yes';
+my $avatars = $param{avatars} eq 'yes';
 
 my %bugusertags;
 my %ut;
@@ -161,6 +173,7 @@ if (defined($msg) and ($msg-1) <= $#records) {
 }
 my @log;
 if ( $mbox ) {
+     binmode(STDOUT,":raw");
      my $date = strftime "%a %b %d %T %Y", localtime;
      if (@records > 1) {
 	 print $q->header(-type => "text/plain",
@@ -213,11 +226,11 @@ END
 	  # we want to include control messages anyway
 	  my $record_wanted_anyway = 0;
 	  my ($msg_id) = $record->{text} =~ /^Message-Id:\s+<(.+)>/im;
-	  next if exists $seen_message_ids{$msg_id};
-	  next if $msg_id =~/handler\..+\.ack(?:info|done)?\@/;
+	  next if defined $msg_id and exists $seen_message_ids{$msg_id};
+	  next if defined $msg_id and $msg_id =~/handler\..+\.ack(?:info|done)?\@/;
 	  $record_wanted_anyway = 1 if $record->{text} =~ /^Received: \(at control\)/;
 	  next if not $boring and not $record->{type} eq $wanted_type and not $record_wanted_anyway and @records > 1;
-	  $seen_message_ids{$msg_id} = 1;
+	  $seen_message_ids{$msg_id} = 1 if defined $msg_id;
 	  my @lines = split( "\n", $record->{text}, -1 );
 	  if ( $lines[ 1 ] =~ m/^From / ) {
 	       my $tmp = $lines[ 0 ];
@@ -235,6 +248,7 @@ END
 
 else {
      if (defined $att and defined $msg and @records) {
+	 binmode(STDOUT,":raw");
 	  $msg_num++;
 	  print handle_email_message($records[0]->{text},
 				     ref => $ref,
@@ -253,7 +267,11 @@ else {
 	       next;
 	  }
 	  $skip_next = 1 if $record->{type} eq 'html' and not $boring;
-	  push @log, handle_record($record,$ref,$msg_num,\%seen_msg_ids);
+	  push @log, handle_record($record,$ref,$msg_num,
+                                   \%seen_msg_ids,
+                                   trim_headers => $trim_headers,
+                                   avatars => $avatars,
+                                  );
      }
 }
 
@@ -289,24 +307,30 @@ unless (%status) {
 
 #$|=1;
 
-my %package;
+
 my @packages = make_list($status{package});
 
-foreach my $pkg (@packages) {
-     if ($pkg =~ /^src\:/) {
-	  my ($srcpkg) = $pkg =~ /^src:(.*)/;
-	  $package{$pkg} = {maintainer => exists($maintainer{$srcpkg}) ? $maintainer{$srcpkg} : '(unknown)',
-			    source     => $srcpkg,
-			    package    => $pkg,
-			    is_source  => 1,
-			   };
-     }
-     else {
-	  $package{$pkg} = {maintainer => exists($maintainer{$pkg}) ? $maintainer{$pkg} : '(unknown)',
-			    exists($pkgsrc{$pkg}) ? (source => $pkgsrc{$pkg}) : (),
-			    package    => $pkg,
-			   };
-     }
+
+my %packages_affects;
+for my $p_a (qw(package affects)) {
+    foreach my $pkg (make_list($status{$p_a})) {
+        if ($pkg =~ /^src\:/) {
+            my ($srcpkg) = $pkg =~ /^src:(.*)/;
+            $packages_affects{$p_a}{$pkg} =
+               {maintainer => exists($maintainer{$srcpkg}) ? $maintainer{$srcpkg} : '(unknown)',
+                source     => $srcpkg,
+                package    => $pkg,
+                is_source  => 1,
+               };
+        }
+        else {
+            $packages_affects{$p_a}{$pkg} =
+               {maintainer => exists($maintainer{$pkg}) ? $maintainer{$pkg} : '(unknown)',
+                exists($pkgsrc{$pkg}) ? (source => $pkgsrc{$pkg}) : (),
+                package    => $pkg,
+               };
+        }
+    }
 }
 
 # fixup various bits of the status
@@ -369,7 +393,8 @@ print $q->header(-type => "text/html",
 
 print fill_in_template(template => 'cgi/bugreport',
 		       variables => {status => \%status,
-				     package => \%package,
+				     package => $packages_affects{'package'},
+				     affects => $packages_affects{'affects'},
 				     log           => $log,
 				     bug_num       => $ref,
 				     version_graph => $version_graph,