svn commit: r287084 - in stable/10/usr.sbin/pw: . tests

[Baptiste Daroussin]

On Thu, Dec 03, 2015 at 10:22:45AM +0100, Dag-Erling Smørgrav wrote:
> Baptiste Daroussin <bapt at FreeBSD.org> writes:
> > Dag-Erling Smørgrav <des at des.no> writes:
> > > Baptiste Daroussin <bapt at FreeBSD.org> writes:
> > > > Or a fix can be made, if you provide an example of the failing case, I
> > > > would be able to fix it and add it to the regression tests.
> > > Any operation that specifies a GECOS containing multibyte characters.
> > Right so it is fixed.
> 
> Not really.  After your latest commit, it will appear to work, but it
> will still be broken.  A proper fix would entail converting all input to
> wide strings, validating it as such and converting back before output.
> Also, the validation is based on blacklisting specific characters which
> are considered unsafe instead of whitelisting those that are known to be
> safe.

Yes but that was already broken before my work, so doing that would be an
entirely new and willing project but in term of "regression" the regression has
been fixed. reverting the work I have done will not change that.

The interesting thing is the validator was there before my changes, and not
changed at all in the process of adding validation, so depending on the command
you were using your multibyte input for gecos may or may not have been rejected
already! the behaviour we have now is better in the sense that it is consistent
in that regards. So imho reverting is really not needed.

Now if one wants to make that properly handled using wide char, then you have a
lot of tools and interfaces to work on not only pw(8)

Best regards,
Bapt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-all/attachments/20151203/5e8e4910/attachment.bin>