From 6c47683e63aa77f3a48ed3e83ea959b5dc173627 Mon Sep 17 00:00:00 2001
From: "Robin H. Johnson"
Date: Thu, 30 Jan 2020 22:51:38 -0800
Subject: Bugzilla/Util: disable BiDi tr safety
Perl Safe.pm and 5.30 don't interact well, the following expression is disabled. This introduces a small risk of BiDi characters being added to bugs.
Reference: https://bugzilla.mozilla.org/show_bug.cgi?id=1588175
Reference: https://rt.perl.org/Public/Bug/Display.html?id=72942
Reference: https://github.com/Perl/perl5/issues/17271
Signed-off-by: Robin H. Johnson
---
 Bugzilla/Util.pm | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 572479777..4a6e89d18 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -106,7 +106,14 @@ sub html_quote {
 # |U+200e|Left-To-Right Mark |0xe2 0x80 0x8e |
 # |U+200f|Right-To-Left Mark |0xe2 0x80 0x8f |
 # --------------------------------------------------------
- $var =~ tr/\x{202a}-\x{202e}//d;
+ #
+ # Perl Safe.pm and 5.30 don't interact well, the following expression is
+ # disabled. This introduces a small risk of BiDi characters being added to
+ # bugs.
+ # https://bugzilla.mozilla.org/show_bug.cgi?id=1588175
+ # https://rt.perl.org/Public/Bug/Display.html?id=72942
+ # https://github.com/Perl/perl5/issues/17271
+ #$var =~ tr/\x{202a}-\x{202e}//d;
 }
 return $var;
 }
--
cgit v1.2.3-65-gdbad
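Review bot: Commenting out the `tr/\x{202a}-\x{202e}//d` line at the end of this block leaves html_quote with no filtering of the BiDi embedding and override characters, so they now pass through in user-supplied text and can make rendered text read differently from what is stored. Rather than dropping the control, consider an equivalent removal that does not use the wide-character `tr` range, for example `$var =~ s/[\x{202a}-\x{202e}]//g;`; whether that form avoids the Safe.pm problem on 5.30 is not established by this page and would need testing inside the Safe compartment. If the line has to stay disabled, add a marker such as `# FIXME: re-enable once Perl/perl5#17271 is resolved` so the workaround is tracked rather than left as dead code. html_quote begins above the hunk, and the `}` that follows appears to close a conditional that is now empty apart from comments.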