[Rt-commit] rt branch, 4.4/rest1-utf8-attachment-filenames, created. rt-4.4.4-86-g8d011576aa
Aaron Trevena
ast at bestpractical.com
Thu Jul 16 16:05:06 EDT 2020
The branch, 4.4/rest1-utf8-attachment-filenames has been created
at 8d011576aa8751c85eda1ad67c661347b1572604 (commit)
- Log -----------------------------------------------------------------
commit 8d011576aa8751c85eda1ad67c661347b1572604
Author: Aaron Trevena <ast at bestpractical.com>
Date: Thu Jul 16 21:02:06 2020 +0100
Catch errors decoding wide-characters in HTTP Headers
Detect wide-characters in HTTP Header and attachment filenames, and
avoid decoding them and causing a fatal wide-character error.
This edge case occurs in REST1 API, due to the way some client libraries,
particularly Perl's HTTP::Request family handle utf8 in multi-part fields.
diff --git a/lib/RT/Attachment.pm b/lib/RT/Attachment.pm
index 66a0e4e6d1..9936ec2b9b 100644
--- a/lib/RT/Attachment.pm
+++ b/lib/RT/Attachment.pm
@@ -158,7 +158,9 @@ sub Create {
# MIME::Head doesn't support perl strings well and can return
# octets which later will be double encoded in low-level code
- $head = Encode::decode( 'UTF-8', $head );
+ unless ( $head =~ m/[^\x00-\x7f]/ ) {
+ $head = Encode::decode( 'UTF-8', $head );
+ }
# If a message has no bodyhandle, that means that it has subparts (or appears to)
# and we should act accordingly.
diff --git a/lib/RT/Util.pm b/lib/RT/Util.pm
index aaa9d1530b..0639d93cf1 100644
--- a/lib/RT/Util.pm
+++ b/lib/RT/Util.pm
@@ -127,8 +127,11 @@ sub mime_recommended_filename {
$head = $head->head if $head->isa('MIME::Entity');
for my $attr_name (qw( content-disposition.filename content-type.name )) {
- my $value = Encode::decode("UTF-8",$head->mime_attr($attr_name));
+ my $value = $head->mime_attr($attr_name);
if ( defined $value && $value =~ /\S/ ) {
+ unless ( $value =~ m/[^\x00-\x7f]/ ) {
+ $value = Encode::decode("UTF-8", $value);
+ }
return $value;
}
}
-----------------------------------------------------------------------
More information about the rt-commit
mailing list