X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=cgi%2Fbugreport.cgi;h=de4ec76371633cfe8d9760a14a7f6e2142df6250;hb=31ab1899c89be7bdafb7626b8f1fb3fff5ef5838;hp=d6d5cf20f7430ef5e558a573bcd7bf713910a241;hpb=f1efdea3d7d2341bdbd413ba91d99bd8f4d64944;p=debbugs.git

diff --git a/cgi/bugreport.cgi b/cgi/bugreport.cgi
index d6d5cf2..de4ec76 100755
--- a/cgi/bugreport.cgi
+++ b/cgi/bugreport.cgi
@@ -1,8 +1,16 @@
-#!/usr/bin/perl -wT
+#!/usr/bin/perl
 
 use warnings;
 use strict;
 
+# Sanitize environent for taint
+BEGIN{
+    delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
+}
+
+# STDOUT should be using the utf8 io layer
+binmode(STDOUT,':utf8');
+
 use POSIX qw(strftime);
 use MIME::Parser;
 use MIME::Decoder;
@@ -19,6 +27,8 @@ use Debbugs::Common qw(buglog getmaintainers make_list bug_status);
 use Debbugs::Packages qw(getpkgsrc);
 use Debbugs::Status qw(splitpackages split_status_fields get_bug_status isstrongseverity);
 
+use Debbugs::User;
+
 use Scalar::Util qw(looks_like_number);
 
 use Debbugs::Text qw(:templates);
@@ -161,6 +171,7 @@ if (defined($msg) and ($msg-1) <= $#records) {
 }
 my @log;
 if ( $mbox ) {
+     binmode(STDOUT,":raw");
      my $date = strftime "%a %b %d %T %Y", localtime;
      if (@records > 1) {
 	 print $q->header(-type => "text/plain",
@@ -235,6 +246,7 @@ END
 
 else {
      if (defined $att and defined $msg and @records) {
+	 binmode(STDOUT,":raw");
 	  $msg_num++;
 	  print handle_email_message($records[0]->{text},
 				     ref => $ref,
@@ -290,7 +302,7 @@ unless (%status) {
 #$|=1;
 
 my %package;
-my @packages = splitpackages($status{package});
+my @packages = make_list($status{package});
 
 foreach my $pkg (@packages) {
      if ($pkg =~ /^src\:/) {