Skip Menu |
 

This queue is for tickets about the Net-Server CPAN distribution.

Report information
The Basics
Id: 85586
Status: open
Priority: 0/
Queue: Net-Server

People
Owner: Nobody in particular
Requestors: patrick.mcanneny [...] leadkarma.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in:
  • 2.008
  • 2.009
Fixed in: (no value)



Subject: Users and Groups with a period in their name throw a fatal error
Date: Thu, 23 May 2013 17:00:45 -0400
To: bug-Net-Server [...] rt.cpan.org
From: Patrick McAnneny <patrick.mcanneny [...] leadkarma.com>
Download (untitled) / with headers
text/plain 348b
The regular expressions at lines 344 and 354 in Net::Server::post_bind cause users and groups with periods in them to throw a fatal error even though they should be valid. Simply changing these two regular expressions fixes this. Possible solutions: ($prop->{'group'} =~ /^([\w-\.]+(?: [\w-\.]+)*)$/) ($prop->{'user'} =~ /^([\w-\.]+)$/) Thanks!
Download (untitled) / with headers
text/plain 1.1k
On 2013-05-23 17:01:03, patrick.mcanneny@leadkarma.com wrote: Show quoted text
> The regular expressions at lines 344 and 354 in Net::Server::post_bind > cause users and groups with periods in them to throw a fatal error even > though they should be valid. > > Simply changing these two regular expressions fixes this. > > Possible solutions: > ($prop->{'group'} =~ /^([\w-\.]+(?: [\w-\.]+)*)$/) > ($prop->{'user'} =~ /^([\w-\.]+)$/)
I found this also problematic. An even better solution is to skip the check completely here, and pass $prop->{user} to get_uid and let this function decide if the user exists or not. So instead of } elsif ($prop->{'user'} =~ /^([\w-]+)$/) { $prop->{'user'} = eval { get_uid($1) }; $self->fatal(my $e = $@) if $@; } else { $self->fatal("Invalid user \"$prop->{'user'}\""); } it could be: } else { $prop->{'user'} = eval { get_uid($prop->{'user'}) }; $self->fatal(my $e = $@) if $@; } or (with a different error message): } else { $prop->{'user'} = eval { get_uid($prop->{'user'}) }; $self->fatal("Invalid user \"$prop->{'user'}\", error: $@") if $@; }
Download (untitled) / with headers
text/plain 1.4k
On 2014-10-30 10:56:32, SREZIC wrote: Show quoted text
> On 2013-05-23 17:01:03, patrick.mcanneny@leadkarma.com wrote:
> > The regular expressions at lines 344 and 354 in > > Net::Server::post_bind > > cause users and groups with periods in them to throw a fatal error > > even > > though they should be valid. > > > > Simply changing these two regular expressions fixes this. > > > > Possible solutions: > > ($prop->{'group'} =~ /^([\w-\.]+(?: [\w-\.]+)*)$/) > > ($prop->{'user'} =~ /^([\w-\.]+)$/)
> > I found this also problematic. > > An even better solution is to skip the check completely here, and pass > $prop->{user} to get_uid and let this function decide if the user > exists or not. So instead of > > } elsif ($prop->{'user'} =~ /^([\w-]+)$/) { > $prop->{'user'} = eval { get_uid($1) }; > $self->fatal(my $e = $@) if $@; > } else { > $self->fatal("Invalid user \"$prop->{'user'}\""); > } > > it could be: > > } else { > $prop->{'user'} = eval { get_uid($prop->{'user'}) }; > $self->fatal(my $e = $@) if $@; > } > > or (with a different error message): > > } else { > $prop->{'user'} = eval { get_uid($prop->{'user'}) }; > $self->fatal("Invalid user \"$prop->{'user'}\", error: $@") if $@; > }
A patch is available in http://cpan.cpantesters.org/authors/id/S/SR/SREZIC/patches/Net-Server-2.008-RT85586.patch CPAN.pm users may use this distropref file for automatic inclusion of this patch: https://github.com/eserte/srezic-cpan-distroprefs/blob/master/Net-Server.yml
Download (untitled) / with headers
text/plain 1.6k
On 2014-12-05 06:49:13, SREZIC wrote: Show quoted text
> On 2014-10-30 10:56:32, SREZIC wrote:
> > On 2013-05-23 17:01:03, patrick.mcanneny@leadkarma.com wrote:
> > > The regular expressions at lines 344 and 354 in > > > Net::Server::post_bind > > > cause users and groups with periods in them to throw a fatal error > > > even > > > though they should be valid. > > > > > > Simply changing these two regular expressions fixes this. > > > > > > Possible solutions: > > > ($prop->{'group'} =~ /^([\w-\.]+(?: [\w-\.]+)*)$/) > > > ($prop->{'user'} =~ /^([\w-\.]+)$/)
> > > > I found this also problematic. > > > > An even better solution is to skip the check completely here, and > > pass > > $prop->{user} to get_uid and let this function decide if the user > > exists or not. So instead of > > > > } elsif ($prop->{'user'} =~ /^([\w-]+)$/) { > > $prop->{'user'} = eval { get_uid($1) }; > > $self->fatal(my $e = $@) if $@; > > } else { > > $self->fatal("Invalid user \"$prop->{'user'}\""); > > } > > > > it could be: > > > > } else { > > $prop->{'user'} = eval { get_uid($prop->{'user'}) }; > > $self->fatal(my $e = $@) if $@; > > } > > > > or (with a different error message): > > > > } else { > > $prop->{'user'} = eval { get_uid($prop->{'user'}) }; > > $self->fatal("Invalid user \"$prop->{'user'}\", error: $@") if > > $@; > > }
> > A patch is available in > http://cpan.cpantesters.org/authors/id/S/SR/SREZIC/patches/Net-Server- > 2.008-RT85586.patch > > CPAN.pm users may use this distropref file for automatic inclusion of > this patch: > https://github.com/eserte/srezic-cpan-distroprefs/blob/master/Net- > Server.yml
This patch also works with 2.009.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.