Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 19 Dec 2019 16:10:01 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 242729] category/port openwebmail generates lots of perl errors; some prevent it from working
Message-ID:  <bug-242729-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D242729

            Bug ID: 242729
           Summary: category/port openwebmail generates lots of perl
                    errors; some prevent it from working
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: wfdudley@gmail.com

openwebmail generates the following errors and warnings.  The first one (the
error) prevents replying to an email:

.openwebmail-send.pl: Can't use an undefined value as a HASH reference at
/usr/local/www/cgi-bin/openwebmail/.openwebmail-send.pl line 534.:
/usr/local/www/cgi-bin/openwebmail/openwebmail-send.pl

I "fixed" this by making this change:

6,8d5
< $CGI::LIST_CONTEXT_WARN =3D 0;
< use File::Basename;
< use lib dirname (__FILE__);
537c534
<             if ( defined {$message{attachment}[1]} &&
---
>             if ( %{$message{attachment}[1]} &&

(I cribbed this fix from the similar fix done to .openwebmail-read.pl)


ALL of the .openwebmail*.pl files generate the following warning:

.openwebmail-main.pl: CGI::param called in list context from
/usr/local/www/cgi-bin/openwebmail/.openwebmail-main.pl line 80, this can l=
ead
to vulnerabilities. See the warning in "Fetching the value or values of a
single named parameter" at /usr/local/lib/perl5/site_perl/CGI.pm line 412.

.openwebmail.pl: CGI::param called in list context from
/usr/local/www/cgi-bin/openwebmail/.openwebmail.pl line 569, this can lead =
to
vulnerabilities. See the warning in "Fetching the value or values of a sing=
le
named parameter" at /usr/local/lib/perl5/site_perl/CGI.pm line 412.:
/usr/local/www/cgi-bin/openwebmail/openwebmail.pl, referer:
https://mail.casano.com/cgi-bin/openwebmail/openwebmail.pl

etc. etc.

The fix for the warning is to add this fragment to each of the .openwebmail=
*.pl
files somewhere near the top:

$CGI::LIST_CONTEXT_WARN =3D 0;

I also add these as a matter of course:

use File::Basename;
use lib dirname (__FILE__);

So that "use" of any local files will still work.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-242729-7788>