diff options
author | dkl%redhat.com <> | 2008-09-12 20:10:11 +0000 |
---|---|---|
committer | dkl%redhat.com <> | 2008-09-12 20:10:11 +0000 |
commit | ac1f49a8d936a91831162bafda0dd7236ee95108 (patch) | |
tree | a19bc92c504d298091ec1480f65270785987753a /userprefs.cgi | |
parent | Bug 15089: Make buglist.cgi shorten search URLs by cleaning them and then red... (diff) | |
download | bugzilla-ac1f49a8d936a91831162bafda0dd7236ee95108.tar.gz bugzilla-ac1f49a8d936a91831162bafda0dd7236ee95108.tar.bz2 bugzilla-ac1f49a8d936a91831162bafda0dd7236ee95108.zip |
Bug 453767 - Passwords containing wide characters causes system error
Patch by David Lawrence <dkl@redhat.com> - a/r=mkanat
Diffstat (limited to 'userprefs.cgi')
-rwxr-xr-x | userprefs.cgi | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/userprefs.cgi b/userprefs.cgi index 3ccfe820a..24a6a5699 100755 --- a/userprefs.cgi +++ b/userprefs.cgi @@ -90,8 +90,14 @@ sub SaveAccount { undef, $user->id); $oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password"); - if (crypt(scalar($cgi->param('Bugzilla_password')), $oldcryptedpwd) ne - $oldcryptedpwd) + my $oldpassword = $cgi->param('Bugzilla_password'); + + # Wide characters cause crypt to die + if (Bugzilla->params->{'utf8'}) { + utf8::encode($oldpassword) if utf8::is_utf8($oldpassword); + } + + if (crypt($oldpassword, $oldcryptedpwd) ne $oldcryptedpwd) { ThrowUserError("old_password_incorrect"); } |