Bug #4695 for Net-Server: Wrong group validation

Wed Dec 17 03:22:46 2003 Guest - Ticket created

Subject:

Wrong group validation

The regex to validate groupnames is wrong. The Debian bugtracking system includes a bug #223383 with a patch for this problem. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=223383 I attached the patch from Debian but I think that the patch is not fully correct. The regex \w+ was changed to \w[-\w]+. I think \w[-\w]* is more correct. System Info: CPAN Version 0.86 (Debian too) Perl v5.8.0 built for i586-linux-thread-multi Linux 2.4.20

--- Server.pm 2003-04-07 06:06:22.000000000 +0200 +++ /usr/share/perl5/Net/Server.pm 2003-12-08 15:43:44.000000000 +0100 @@ -404,7 +404,7 @@ $self->log(1,"Group Not Defined. Defaulting to EGID '$)'\n"); $prop->{group} = $); }else{ - if( $prop->{group} =~ /^(\w+( \w+)*)$/ ){ + if( $prop->{group} =~ /^(\w[-\w]+( \w+)*)$/ ){ $prop->{group} = eval{ get_gid( $1 ) }; $self->fatal( $@ ) if $@; }else{ @@ -418,7 +418,7 @@ $self->log(1,"User Not Defined. Defaulting to EUID '$>'\n"); $prop->{user} = $>; }else{ - if( $prop->{user} =~ /^(\w+)$/ ){ + if( $prop->{user} =~ /^(\w[-\w]+)$/ ){ $prop->{user} = eval{ get_uid( $1 ) }; $self->fatal( $@ ) if $@; }else{

Wed Dec 17 03:55:17 2003 Guest - Correspondence added

From:

michael.bell [...] web.de

updated server.diff with fixed regex

--- Net-Server-0.86/lib/Net/Server.pm 2003-11-06 21:04:11.000000000 +0100 +++ Net-Server-0.86/lib/Net/Server.pm.new 2003-12-17 09:42:15.000000000 +0100 @@ -404,7 +404,7 @@ $self->log(1,"Group Not Defined. Defaulting to EGID '$)'\n"); $prop->{group} = $); }else{ - if( $prop->{group} =~ /^(\w+( \w+)*)$/ ){ + if( $prop->{group} =~ /^(\w[-\w]*( \w[-\w]*)*)$/ ){ $prop->{group} = eval{ get_gid( $1 ) }; $self->fatal( $@ ) if $@; }else{ @@ -418,7 +418,7 @@ $self->log(1,"User Not Defined. Defaulting to EUID '$>'\n"); $prop->{user} = $>; }else{ - if( $prop->{user} =~ /^(\w+)$/ ){ + if( $prop->{user} =~ /^(\w[-\w]*)$/ ){ $prop->{user} = eval{ get_uid( $1 ) }; $self->fatal( $@ ) if $@; }else{

Mon Jun 20 14:17:14 2005 paul [...] seamons.com - Status changed from 'new' to 'open'

Wed Jun 22 11:54:10 2005 paul [...] seamons.com - Status changed from 'open' to 'resolved'