From ba0b55cebea4cf2dd2085547e38e8f540f10c03b Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Sun, 29 Jun 2008 22:35:28 +0000 Subject: Bug 441921: context=file fails due to taint issues in file names and file rev numbers - Patch by Frédéric Buclin r=himorin a=LpSolit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Bugzilla/Attachment/PatchReader.pm | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'Bugzilla') diff --git a/Bugzilla/Attachment/PatchReader.pm b/Bugzilla/Attachment/PatchReader.pm index 44193ed86..cfc7610f4 100644 --- a/Bugzilla/Attachment/PatchReader.pm +++ b/Bugzilla/Attachment/PatchReader.pm @@ -23,8 +23,6 @@ use Bugzilla::Error; use Bugzilla::Attachment; use Bugzilla::Util; -use Encode; - sub process_diff { my ($attachment, $format, $context) = @_; my $dbh = Bugzilla->dbh; @@ -78,9 +76,9 @@ sub process_diff { setup_template_patch_reader($last_reader, $format, $context, $vars); # The patch is going to be displayed in a HTML page and if the utf8 # param is enabled, we have to encode attachment data as utf8. - # Encode::decode() knows what to do with invalid characters. if (Bugzilla->params->{'utf8'}) { - $attachment->{data} = Encode::decode_utf8($attachment->data); + $attachment->data; # Populate ->{data} + utf8::decode($attachment->{data}); } $reader->iterate_string('Attachment ' . $attachment->id, $attachment->data); } @@ -94,10 +92,11 @@ sub process_interdiff { # Encode attachment data as utf8 if it's going to be displayed in a HTML # page using the UTF-8 encoding. - # Encode::decode() knows what to do with invalid characters. if ($format ne 'raw' && Bugzilla->params->{'utf8'}) { - $old_attachment->{data} = Encode::decode_utf8($old_attachment->data); - $new_attachment->{data} = Encode::decode_utf8($new_attachment->data); + $old_attachment->data; # Populate ->{data} + utf8::decode($old_attachment->{data}); + $new_attachment->data; # Populate ->{data} + utf8::decode($new_attachment->{data}); } # Get old patch data. -- cgit v1.2.3-24-g4f1b