Bug#301606: MIME attachment broken for RFC1522 attachment names (#273993 FE)
tag 301606 patch
thanks
On Sat, 26 Mar 2005, Don Armstrong wrote:
> The mime attachment code is broken for RFC1522 attachment names. FE,
> this link:
> http://bugs.debian.org/cgi-bin/bugreport.cgi/=?iso-8859-1?Q?gdb.txt?=?bug=273993&msg=15&att=1
> is totally bogus (see #273993).
>
> I'll look into squishing this one shortly since it intersects with
> the RFC1522 work that I did earlier.
Basically, the fix is pretty straightforward, run the filename through
decode_rfc1522 (and make sure the filename is uri_escape first.)
Don Armstrong
--
Three little words. (In decending order of importance.)
I
love
you
-- hugh macleod http://www.gapingvoid.com/graphics/batch35.php
http://www.donarmstrong.com http://rzlab.ucr.edu
Index: cgi/bugreport.cgi
===================================================================
RCS file: /cvs/debbugs/source/cgi/bugreport.cgi,v
retrieving revision 1.65
diff -u -r1.65 bugreport.cgi
--- cgi/bugreport.cgi 1 Jun 2004 00:41:26 -0000 1.65
+++ cgi/bugreport.cgi 27 Mar 2005 02:41:53 -0000
@@ -68,5 +68,6 @@
my $type = $entity->effective_type;
my $filename = $entity->head->recommended_filename;
$filename = '' unless defined $filename;
+ $filename = decode_rfc1522($filename);
if ($top) {
$$this .= htmlsanit($entity->stringify_header) unless ($terse);
$$this .= "\n";
}
Index: cgi/common.pl
===================================================================
RCS file: /cvs/debbugs/source/cgi/common.pl,v
retrieving revision 1.108
diff -u -r1.108 common.pl
--- cgi/common.pl 28 Mar 2004 06:02:45 -0000 1.108
+++ cgi/common.pl 27 Mar 2005 02:42:42 -0000
@@ -6,12 +6,14 @@
use MLDBM qw/DB_File/;
use POSIX qw/ceil/;
+use URI::Escape;
+
$config_path = '/etc/debbugs';
$lib_path = '/usr/lib/debbugs';
require "$lib_path/errorlib";
use Debbugs::Versions;
use Debbugs::MIME qw(decode_rfc1522);
$MLDBM::RemoveTaint = 1;
@@ -453,7 +455,7 @@
}
$params .= "&archive=yes" if ($common_archive);
my $pathinfo = '';
- $pathinfo = "/$filename" if $filename ne '';
+ $pathinfo = '/'.uri_escape($filename) if $filename ne '';
return urlsanit("bugreport.cgi$pathinfo?$params");
}
Reply to: