Your message dated Sat, 15 Mar 2008 20:37:34 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Re: Bug#411735: libcgi-perl: path_info crashes with Unmatched 
regex on valid input
has caused the Debian Bug report #411735,
regarding libcgi-perl: path_info crashes with Unmatched regex on valid input
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
411735: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=411735
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: libcgi-perl
Version: 2.76-24
Severity: normal


If the path info part of a URL happens to be a malformed regex, calling 
path_info will crash with a regex error.

The following test case illustrates the problem:

$ env REQUEST_METHOD=GET \
        REQUEST_URI='/foo.cgi/(bar' \
        PATH_INFO='/(bar' \
        SCRIPT_NAME='/foo.cgi' \
        perl -e 'use CGI; $q = CGI::new; $a = $q->path_info; print "$a\n"'
Unmatched ( in regex; marked by <-- HERE in m//( <-- HERE bar$/ at (eval 4) line 7.

[The above example corresponds to an actual URL of, e.g., 
http://www.example.org/foo.cgi/(bar ]

path_info should not crash on arguably valid input like this. Whether the input 
looks like a regex should have no effect.

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.28-ow1
Locale: LANG=zh_TW.Big5, LC_CTYPE=zh_TW.Big5 (charmap=BIG5)

Versions of packages libcgi-perl depends on:
ii  liburi-perl                   1.35-2     Manipulates and accesses URI strin
ii  libwww-perl                   5.805-1    WWW client/server library for Perl
ii  perl                          5.8.8-7    Larry Wall's Practical Extraction 

libcgi-perl recommends no packages.

-- no debconf information


--- End Message ---
--- Begin Message ---
Version: 5.10.0-1

On Tue, Feb 20, 2007 at 12:22:15PM -0500, Ambrose Li wrote:
> Package: libcgi-perl
> Version: 2.76-24
> Severity: normal
 
> If the path info part of a URL happens to be a malformed regex, calling 
> path_info will crash with a regex error.

> $ env REQUEST_METHOD=GET \
>       REQUEST_URI='/foo.cgi/(bar' \
>       PATH_INFO='/(bar' \
>       SCRIPT_NAME='/foo.cgi' \
>       perl -e 'use CGI; $q = CGI::new; $a = $q->path_info; print "$a\n"'
> Unmatched ( in regex; marked by <-- HERE in m//( <-- HERE bar$/ at (eval 4) line 7.

This was fixed in CGI.pm 3.19:

  2. Fixed problem noted by Martin Foster in which regular expression
     meta-character terms in the path information were not quoted,
     causing URL parsing to fail on URLs that contained metacharacters
     (such as +).

The fix is included in Perl 5.10.0, currently in experimental.
Closing accordingly.

Cheers,
-- 
Niko Tyni   [EMAIL PROTECTED]


--- End Message ---
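
The failure in this report and the quoting fix named in the CGI.pm 3.19 changelog entry, as an added example that is not part of either message and is not CGI.pm's own code. `strip_unquoted` and `strip_quoted` are hypothetical helpers, and the inputs are constructed from the report's test case and the changelog's `+` remark.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helper (not CGI.pm's code): derive the script name by
# stripping PATH_INFO from the end of the request URI.
# Unquoted form: $path_info is compiled as part of the pattern.
sub strip_unquoted {
    my ($uri, $path_info) = @_;
    (my $script = $uri) =~ s/$path_info$//;
    return $script;
}

# Quoted form: \Q...\E (quotemeta) makes every metacharacter literal.
sub strip_quoted {
    my ($uri, $path_info) = @_;
    (my $script = $uri) =~ s/\Q$path_info\E$//;
    return $script;
}

# Constructed inputs: [REQUEST_URI, PATH_INFO]
my @cases = (
    ['/foo.cgi/bar',  '/bar'],   # no metacharacters
    ['/foo.cgi/(bar', '/(bar'],  # the report's test case
    ['/foo.cgi/a+b',  '/a+b'],   # "+" from the CGI.pm changelog note
);

for my $case (@cases) {
    my ($uri, $pi) = @$case;
    # The unquoted form dies at run time when the pattern fails to compile.
    my $unquoted = eval { strip_unquoted($uri, $pi) };
    $unquoted = 'died: ' . ($@ =~ /^(.*?) in regex/ ? $1 : 'regex error')
        unless defined $unquoted;
    printf "%-15s unquoted=%-22s quoted=%s\n",
        $uri, $unquoted, strip_quoted($uri, $pi);
}
```

The `(bar` case dies in the unquoted form, while the `a+b` case does not die but silently leaves the URI unstripped because `+` is read as a quantifier; the quoted form returns `/foo.cgi` for all three.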
