Mantis Bugtracker          
testlink.org

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008372TestLinkInstallerpublic2018-09-18 14:062018-09-19 11:59
Reportergonzaga 
Assigned To 
PrioritynormalSeverityminorReproducibilityalways
StatusnewResolutionopen 
PlatformLinuxOSDebianOS VersionStretch
Product Version1.9.17 (2018 Q1) 
Fixed in Version 
Summary0008372: Special character in password or/and host cause installation error
DescriptionIn function "preg_replace($san,'',$db_admin_pass)", "reg_replace($san,'',$db_admin_pass)" and "$db_server = preg_replace($san,'',$db_server)" special characters ares supressed.

$san = '/[^A-Za-z0-9\-]/';
Steps To ReproduceCriate password with 'Tdlalala#' or/and db_server with "10.0.31.248" and execute the install.
Additional InformationVersions: 1.9.17 and 1.9.18.

A) values typed in the interface:
db_name : testlink18 db_table_prefix : db_server : 10.0.31.248 db_admin_pass : Acabaxi### db_type : postgres tl_db_passwd : Abobora# tl_db_login : testlinkdsv db_admin_name : postgres

b) echo in file testlink.png:
db_name : testlink18 db_table_prefix : db_server : 10031248 db_admin_pass : Acabaxi db_type : postgres tl_db_passwd : Abobora tl_db_login : testlinkdsv db_admin_name : postgres
TagsNo tags attached.
Database (MySQL,Postgres,etc)Postgres
BrowserFirefox
PHP VersionPHP 7.2.9-1+0~20180910100512.5+stretch~1
TestCaseID
QA Team - Task Workflow Status
Attached Filespng file icon testlink.png [^] (25,337 bytes) 2018-09-18 14:06

- Relationships

-  Notes
(0027860)
fman (administrator)
2018-09-18 20:07
edited on: 2018-09-18 20:08

looking for similar issues is a must.
IMHO this issue is duplicate.


give a look to http://mantis.testlink.org/view.php?id=8241 [^]

and also do searches on this mantis

(0027861)
gonzaga (reporter)
2018-09-18 20:20

I downloaded and using this a version referencied in note 8241.

Only installed when i commented the function:

<snip>..

// get db info from session
$san = '/[^A-Za-z0-9\-]/';
$db_name = trim($_SESSION['databasename']);
$db_name = preg_replace($san,'',$db_name);

$db_table_prefix = trim($_SESSION['tableprefix']);
$db_table_prefix = preg_replace($san,'',$db_table_prefix);

$db_server = trim($_SESSION['databasehost']);
#$db_server = preg_replace($san,'',$db_server);

$db_admin_pass = trim($_SESSION['databaseloginpassword']);
$db_admin_pass = preg_replace($san,'',$db_admin_pass);

$db_type = trim($_SESSION['databasetype']);
$db_type = preg_replace($san,'',$db_type);

$tl_db_passwd = trim($_SESSION['tl_loginpassword']);
#$tl_db_passwd = preg_replace($san,'',$tl_db_passwd);


// will limit length to avoi some kind of injection
// Choice: 32
$tl_db_login = trim($_SESSION['tl_loginname']);
#$tl_db_login = substr(preg_replace($san,'',$tl_db_login),0,32);

</snip>
(0027863)
fman (administrator)
2018-09-19 07:05

IMHO you have commented too much
is important that you remove only the offending code
(0027868)
gonzaga (reporter)
2018-09-19 11:59

I commented only password's and IP address:

#$db_server = preg_replace($san,'',$db_server);
#$db_admin_pass = preg_replace($san,'',$db_admin_pass);
#$tl_db_passwd = preg_replace($san,'',$tl_db_passwd);

Is very common using de Special characters in password and in IP Address is natural.

IMHO, is necessary a revision in the function preg_replace($san...)

- Issue History
Date Modified Username Field Change
2018-09-18 14:06 gonzaga New Issue
2018-09-18 14:06 gonzaga File Added: testlink.png
2018-09-18 20:07 fman Note Added: 0027860
2018-09-18 20:08 fman Note Edited: 0027860 View Revisions
2018-09-18 20:08 fman Status new => feedback
2018-09-18 20:20 gonzaga Note Added: 0027861
2018-09-18 20:20 gonzaga Status feedback => new
2018-09-19 07:05 fman Note Added: 0027863
2018-09-19 11:59 gonzaga Note Added: 0027868



Copyright © 2000 - 2018 MantisBT Team
Powered by Mantis Bugtracker