Date:      Thu, 10 Sep 2009 03:42:51 GMT
From:      Sahil Tandon <sahil@tandon.net>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/138687: [PATCH] mail/roundcube: fix broken password plugin's parsing of email usernames
Message-ID:  <200909100342.n8A3gpOC067280@www.freebsd.org>
Resent-Message-ID: <200909100350.n8A3o1fK022124@freefall.freebsd.org>


>Number:         138687
>Category:       ports
>Synopsis:       [PATCH] mail/roundcube: fix broken password plugin's parsing of email usernames
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Sep 10 03:50:01 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Sahil Tandon
>Release:        7.1-RELEASE
>Organization:
>Environment:
7.1-RELEASE
>Description:
The recent update to 0.3 introduced a plugins/ directory that is now distributed with the software.  Unfortunately, the password plugin has a broken SQL driver.  According to the documentation, '%d' is supposed to be replaced with the domain part of a username in case the IMAP username is an email address.  However, the PHP code just passes the local-part of the username instead.  The fix is trivial and should obviously be adopted upstream.  Until this is done (I have tried to contact the author), this patch fixes the problem.

CVS diff attached.
>How-To-Repeat:
Use an SQL password_query that employs the '%d' expansion.  Notice that the local-part (instead of the domain name) is passed to SQL.
>Fix:
Apply patch.

Patch attached with submission follows:

Index: files/patch-plugins_password_drivers_sql.php
===================================================================
RCS file: files/patch-plugins_password_drivers_sql.php
diff -N files/patch-plugins_password_drivers_sql.php
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ files/patch-plugins_password_drivers_sql.php	10 Sep 2009 03:30:02 -0000
@@ -0,0 +1,11 @@
+--- plugins/password/drivers/sql.php.orig	2009-09-09 23:22:07.000000000 -0400
++++ plugins/password/drivers/sql.php	2009-09-09 23:21:30.733707000 -0400
+@@ -81,7 +81,7 @@
+     $user_info = explode('@', $_SESSION['username']);
+     if (count($user_info) >= 2) {
+ 	$sql = str_replace('%l', $db->quote($user_info[0], 'text'), $sql);
+-	$sql = str_replace('%d', $db->quote($user_info[0], 'text'), $sql);
++	$sql = str_replace('%d', $db->quote($user_info[1], 'text'), $sql);
+     }
+     
+     $sql = str_replace('%u', $db->quote($_SESSION['username'],'text'), $sql);
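Review bot: swapping `$user_info[0]` for `$user_info[1]` in the `%d` line is the right fix and matches the documented meaning of `%d`, but two things in the surrounding context deserve a follow-up upstream. First, the substitution is a sequence of `str_replace()` calls over the query string, so a quoted value that itself contains a later placeholder (a local part containing the text `%u`, for instance) is rewritten again on the next pass; a single `strtr($sql, array('%l' => ..., '%d' => ..., '%u' => ...))` replaces all placeholders in one pass and avoids that. Second, when the username has no `@`, `count($user_info) >= 2` is false and `%l`/`%d` are left in the query verbatim; either substitute the full username and an empty domain in an else branch, or document that these placeholders require e-mail-style logins. Using `explode('@', $_SESSION['username'], 2)` would also keep any second `@` in the domain part instead of silently dropping it.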


>Release-Note:
>Audit-Trail:
>Unformatted:
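The placeholder expansion that the report describes, as an added example: this is constructed for this page and is not Roundcube's or the submitter's code. It reproduces the 0.3 behaviour next to a corrected version, and the corrected version goes beyond the one-line patch by substituting all placeholders in a single `strtr()` pass and by handling a username without `@`. The `quote_text()` helper stands in for the plugin's `$db->quote($value, 'text')`, and the `password_query` string is a hypothetical schema, not one from the plugin's documentation.

```php
<?php
// Constructed example (not Roundcube code): how the password plugin's
// %u/%l/%d placeholders expand for an e-mail-style IMAP username, with
// the 0.3 bug reproduced beside the corrected behaviour.

// Stand-in for $db->quote($value, 'text'). The real plugin relies on the
// database driver's quoting; this is here only so the example runs alone.
function quote_text($value)
{
    return "'" . str_replace("'", "''", $value) . "'";
}

// Expansion as shipped in 0.3: %d wrongly receives the local part, and a
// username without '@' leaves %l and %d in the query untouched.
function expand_buggy($sql, $username)
{
    $user_info = explode('@', $username);
    if (count($user_info) >= 2) {
        $sql = str_replace('%l', quote_text($user_info[0]), $sql);
        $sql = str_replace('%d', quote_text($user_info[0]), $sql);
    }
    return str_replace('%u', quote_text($username), $sql);
}

// Corrected expansion. The %d fix is the one from the patch; the explode()
// limit, the empty-domain fallback and the single-pass strtr() are
// additions beyond it.
function expand_fixed($sql, $username)
{
    // Split on the first '@' only, so a second '@' stays in the domain part.
    $user_info = explode('@', $username, 2);
    $local  = $user_info[0];
    $domain = isset($user_info[1]) ? $user_info[1] : '';

    // strtr() with an array substitutes every placeholder in one pass and
    // never re-scans text it has already inserted, so a value containing
    // e.g. '%u' cannot be rewritten by a later replacement.
    return strtr($sql, array(
        '%u' => quote_text($username),
        '%l' => quote_text($local),
        '%d' => quote_text($domain),
    ));
}

// Hypothetical password_query that relies on the %l/%d expansion. %c (the
// new crypted password) is left unexpanded here; it is not part of this example.
$query = "UPDATE mailbox SET password=%c WHERE local_part=%l AND domain=%d";

foreach (array('alice@example.org', 'bob') as $username) {
    echo "username: $username\n";
    echo "  0.3:       " . expand_buggy($query, $username) . "\n";
    echo "  corrected: " . expand_fixed($query, $username) . "\n";
}
```

Run it with the `php` command-line interpreter. For `alice@example.org` the 0.3 expansion produces `domain='alice'`, which is the defect the PR reports, while the corrected expansion produces `domain='example.org'`; for `bob` the 0.3 expansion leaves the literal `%l` and `%d` in the query, whereas the corrected one yields `local_part='bob' AND domain=''`.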



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200909100342.n8A3gpOC067280>