From 79de51023611557f8da946e48b91c4078d63393b Mon Sep 17 00:00:00 2001 From: Don Armstrong Date: Sun, 7 Mar 2021 08:38:15 -0800 Subject: [PATCH] Fix unescaped From in bugreport (closes: #983847) --- cgi/bugreport.cgi | 6 +++++- debian/changelog | 1 + t/07_bugreport.t | 9 +++++++-- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/cgi/bugreport.cgi b/cgi/bugreport.cgi index d153e08..9969abb 100755 --- a/cgi/bugreport.cgi +++ b/cgi/bugreport.cgi @@ -329,7 +329,11 @@ END print map { s/^(>*From )/>$1/; $_."\n" } @lines[ 1 .. $#lines ]; if ($record->{inner_file}) { my $fh = $record->{fh}; - print $_ while (<$fh>); + local $/; + while (<$fh>) { + s/^(>*From )/>$1/gm; + print $_; + } } } exit 0; diff --git a/debian/changelog b/debian/changelog index acb7d12..ef98f3c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -3,6 +3,7 @@ debbugs (3.0.0~alpha.1) unstable; urgency=medium * Use Text::Xslate instead of Text::Template; Text::Xslate is significantly faster. * Add support for a Done: psuedoheader (closes: #950133) + * Fix unescaped From (closes: #983847) -- Don Armstrong Fri, 09 Mar 2018 11:17:10 -0800 diff --git a/t/07_bugreport.t b/t/07_bugreport.t index fbbb09f..0e99f7f 100644 --- a/t/07_bugreport.t +++ b/t/07_bugreport.t @@ -1,7 +1,7 @@ # -*- mode: cperl;-*- -use Test::More tests => 18; +use Test::More tests => 19; use warnings; use strict; @@ -37,7 +37,9 @@ send_message(to=>'submit@bugs.something', Package: foo Severity: normal -This is a silly bug +This is a silly bug which contains an unescaped From line. + +From line EOF @@ -91,6 +93,9 @@ ok($mech->content() =~ qr/Subject: Submitting a bug/i, 'Subject of bug maibox is right'); ok($mech->content() =~ qr/^From /m, 'Starts with a From appropriately'); +ok($mech->content() =~ qr/^(>F|=46)rom line/m, + 'From line escaped appropriately'); +print STDERR $mech->content(); $mech->get_ok('http://localhost:'.$port.'/?bug=1;mboxmaint=yes', 'Page received ok'); -- 2.39.2