From ac1f49a8d936a91831162bafda0dd7236ee95108 Mon Sep 17 00:00:00 2001 From: "dkl%redhat.com" <> Date: Fri, 12 Sep 2008 20:10:11 +0000 Subject: Bug 453767 - Passwords containing wide characters causes system error Patch by David Lawrence - a/r=mkanat --- userprefs.cgi | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'userprefs.cgi') diff --git a/userprefs.cgi b/userprefs.cgi index 3ccfe820a..24a6a5699 100755 --- a/userprefs.cgi +++ b/userprefs.cgi @@ -90,8 +90,14 @@ sub SaveAccount { undef, $user->id); $oldcryptedpwd || ThrowCodeError("unable_to_retrieve_password"); - if (crypt(scalar($cgi->param('Bugzilla_password')), $oldcryptedpwd) ne - $oldcryptedpwd) + my $oldpassword = $cgi->param('Bugzilla_password'); + + # Wide characters cause crypt to die + if (Bugzilla->params->{'utf8'}) { + utf8::encode($oldpassword) if utf8::is_utf8($oldpassword); + } + + if (crypt($oldpassword, $oldcryptedpwd) ne $oldcryptedpwd) { ThrowUserError("old_password_incorrect"); } -- cgit v1.2.3-24-g4f1b