The following commit has been merged in the master branch:
commit 68c93f700d6f74c1f3ef8ec293e34d16b4ef94af
Author: James McCoy <[email protected]>
Date: Tue Jan 3 22:07:16 2012 -0500
bts: Add minimal verification of email arguments.
Closes: #654460
Signed-off-by: James McCoy <[email protected]>
diff --git a/debian/changelog b/debian/changelog
index 0821119..4d1bdda 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -15,6 +15,7 @@ devscripts (2.11.3) UNRELEASED; urgency=low
the patch. (Closes: #646691)
+ Handle filenames with special characters. (Closes: #648299)
* debdiff: Handle paths with special characters. (Closes: #571528)
+ * bts: Add minimal verification of email arguments. (Closes: #654460)
[ Benjamin Drung ]
* wrap-and-sort: Do not sort executable files (executable .install files
could
diff --git a/scripts/bts.pl b/scripts/bts.pl
index 9b547da..dab399f 100755
--- a/scripts/bts.pl
+++ b/scripts/bts.pl
@@ -1307,8 +1307,8 @@ Change the submitter address of a I<bug> or a number of
bugs, with B<!> meaning
sub bts_submitter {
@_ or die "bts submitter: change submitter of what bug?\n";
- my $submitter=pop;
- if ($submitter !~ /\@/ and $submitter ne '!') {
+ my $submitter=checkemail(pop, 1);
+ if (!defined $submitter) {
die "bts submitter: change submitter to what?\n";
}
foreach (@_) {
@@ -1638,7 +1638,7 @@ Specify a user I<email> address before using the
B<usertags> command.
=cut
sub bts_user {
- my $email=shift or die "bts user: set user to what email address?\n";
+ my $email=checkemail(shift) or die "bts user: set user to what email
address?\n";
if (! length $email) {
die "bts user: set user to what email address?\n";
}
@@ -1729,7 +1729,7 @@ or B<EMAIL> (checked in that order) is used.
sub bts_claim {
my $bug=checkbug(shift) or die "bts claim: claim what bug?\n";
- my $claim=shift || $ENV{'DEBEMAIL'} || $ENV{'EMAIL'} || "";
+ my $claim=checkemail(shift) || $ENV{'DEBEMAIL'} || $ENV{'EMAIL'} || "";
if (! length $claim) {
die "bts claim: use what claim token?\n";
}
@@ -1749,7 +1749,7 @@ or B<EMAIL> (checked in that order) is used.
sub bts_unclaim {
my $bug=checkbug(shift) or die "bts unclaim: unclaim what bug?\n";
- my $claim=shift || $ENV{'DEBEMAIL'} || $ENV{'EMAIL'} || "";
+ my $claim=checkemail(shift) || $ENV{'DEBEMAIL'} || $ENV{'EMAIL'} || "";
if (! length $claim) {
die "bts unclaim: use what claim token?\n";
}
@@ -1978,7 +1978,7 @@ The owner of a bug accepts responsibility for dealing
with it.
sub bts_owner {
my $bug=checkbug(shift) or die "bts owner: change owner of what bug?\n";
- my $owner=shift or die "bts owner: change owner to what?\n";
+ my $owner=checkemail(shift, 1) or die "bts owner: change owner to what?\n";
opts_done(@_);
mailbts("owner $bug", "owner $bug $owner");
}
@@ -2010,7 +2010,7 @@ relevant emails and notifications. Use the unsubscribe
command to unsubscribe.
sub bts_subscribe {
my $bug=checkbug(shift) or die "bts subscribe: subscribe to what bug?\n";
- my $email=shift;
+ my $email=checkemail(shift, 1);
$email=lc($email) if defined $email;
if (defined $email and $email eq '!') { $email = undef; }
else {
@@ -2037,7 +2037,7 @@ to which you have to reply. Use the B<subscribe> command
to, well, subscribe.
sub bts_unsubscribe {
my $bug=checkbug(shift) or die "bts unsubscribe: unsubscribe from what
bug?\n";
- my $email=shift;
+ my $email=checkemail(shift, 1);
$email = lc($email) if defined $email;
if (defined $email and $email eq '!') { $email = undef; }
else {
@@ -2448,6 +2448,19 @@ sub sanitizething {
return $bug;
}
+# Perform basic validation of an argument which should be an email address,
+# handling ! if allowed
+sub checkemail {
+ my $email=$_[0] or return;
+ my $allowbang=$_[1];
+
+ if ($email !~ /\@/ && (!$allowbang || $email ne '!')) {
+ return;
+ }
+
+ return $email;
+}
+
# Validate a bug number. Strips out extraneous leading junk, allowing
# for things like "#74041" and "Bug#94921"
sub checkbug {
--
Git repository for devscripts
--
To unsubscribe, send mail to [email protected].
