Menu
▾
▴
[Sieve-php-devel] Re: Bugs in sieve-php
|
From: Alexandros V. <av...@no...> - 2005-12-06 12:33:56
|
On Tue, 2005-12-06 at 12:29 +0200, Oded Arbel wrote: > > The problem is that there is one "escape" for the starting curly in > the PLAIN authenticate request, but not for the closing curly. > > While escaping the curlies isn't required at all, it doesn't have any > adverse effects in PHP before 5.1, as those PHP versions simply mangle > the string and ignore the back-slash character. > > With version 5.1 and above, the string is correctly reproduced as a > while including the back-slash character, with only the double-quotes > and CRLF escaped, and this breaks the PLAIN authentication of course. Wow, nice catch. I didn't find anything in release notes of PHP 5.1, it was only this bug report: http://bugs.php.net/bug.php?id=31341 > The patch removes the unneeded escape, and for safety and extra credit > uses single quoted strings where appropriate. Nice fix. Also there was one more point where i applied the same fix, in a PUTSCRIPT call (see attached patch). The full fix is in CVS now! -- Alexandros Vellis av...@no... |
