Bug#301606: MIME attachment broken for RFC1522 attachment names (#273993 FE)

Sat, 26 Mar 2005 19:08:18 -0800 

tag 301606 patch
thanks

On Sat, 26 Mar 2005, Don Armstrong wrote:
> The mime attachment code is broken for RFC1522 attachment names. FE,
> this link:
> http://bugs.debian.org/cgi-bin/bugreport.cgi/=?iso-8859-1?Q?gdb.txt?=?bug=273993&msg=15&att=1
> is totally bogus (see #273993).
> 
> I'll look into squishing this one shortly since it intersects with
> the RFC1522 work that I did earlier.

Basically, the fix is pretty straightforward, run the filename through
decode_rfc1522 (and make sure the filename is uri_escape first.)


Don Armstrong

-- 
Three little words. (In decending order of importance.)
I
love
you
 -- hugh macleod http://www.gapingvoid.com/graphics/batch35.php

http://www.donarmstrong.com              http://rzlab.ucr.edu

Index: cgi/bugreport.cgi
===================================================================
RCS file: /cvs/debbugs/source/cgi/bugreport.cgi,v
retrieving revision 1.65
diff -u -r1.65 bugreport.cgi
--- cgi/bugreport.cgi   1 Jun 2004 00:41:26 -0000       1.65
+++ cgi/bugreport.cgi   27 Mar 2005 02:41:53 -0000
@@ -68,5 +68,6 @@
     my $type = $entity->effective_type;
     my $filename = $entity->head->recommended_filename;
     $filename = '' unless defined $filename;
+    $filename = decode_rfc1522($filename);
 
     if ($top) {
        $$this .= htmlsanit($entity->stringify_header) unless ($terse);
        $$this .= "\n";
     }
 
Index: cgi/common.pl
===================================================================
RCS file: /cvs/debbugs/source/cgi/common.pl,v
retrieving revision 1.108
diff -u -r1.108 common.pl
--- cgi/common.pl       28 Mar 2004 06:02:45 -0000      1.108
+++ cgi/common.pl       27 Mar 2005 02:42:42 -0000
@@ -6,12 +6,14 @@
 use MLDBM qw/DB_File/;
 use POSIX qw/ceil/;
 
+use URI::Escape;
+
 $config_path = '/etc/debbugs';
 $lib_path = '/usr/lib/debbugs';
 require "$lib_path/errorlib";
 
 use Debbugs::Versions;
 use Debbugs::MIME qw(decode_rfc1522);
 
 $MLDBM::RemoveTaint = 1;
 
@@ -453,7 +455,7 @@
     }
     $params .= "&archive=yes" if ($common_archive);
     my $pathinfo = '';
-    $pathinfo = "/$filename" if $filename ne '';
+    $pathinfo = '/'.uri_escape($filename) if $filename ne '';
 
     return urlsanit("bugreport.cgi$pathinfo?$params");
 }

Reply via email to