aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordkl%redhat.com <>2008-09-12 20:10:11 +0000
committerdkl%redhat.com <>2008-09-12 20:10:11 +0000
commitac1f49a8d936a91831162bafda0dd7236ee95108 (patch)
treea19bc92c504d298091ec1480f65270785987753a /userprefs.cgi
parentBug 15089: Make buglist.cgi shorten search URLs by cleaning them and then red... (diff)
downloadbugzilla-ac1f49a8d936a91831162bafda0dd7236ee95108.tar.gz
bugzilla-ac1f49a8d936a91831162bafda0dd7236ee95108.tar.bz2
bugzilla-ac1f49a8d936a91831162bafda0dd7236ee95108.zip
Bug 453767 - Passwords containing wide characters causes system error
Patch by David Lawrence <dkl@redhat.com> - a/r=mkanat
Diffstat (limited to 'userprefs.cgi')
-rwxr-xr-xuserprefs.cgi10
1 files changed, 8 insertions, 2 deletions
diff --git a/userprefs.cgi b/userprefs.cgi
index 3ccfe820a..24a6a5699 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -90,8 +90,14 @@ sub SaveAccount {
undef, $user->id);
$oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password");
- if (crypt(scalar($cgi->param('Bugzilla_password')), $oldcryptedpwd) ne
- $oldcryptedpwd)
+ my $oldpassword = $cgi->param('Bugzilla_password');
+
+ # Wide characters cause crypt to die
+ if (Bugzilla->params->{'utf8'}) {
+ utf8::encode($oldpassword) if utf8::is_utf8($oldpassword);
+ }
+
+ if (crypt($oldpassword, $oldcryptedpwd) ne $oldcryptedpwd)
{
ThrowUserError("old_password_incorrect");
}