4285 – strange code in smbldap-useradd

Bug 4285 - strange code in smbldap-useradd

Summary: strange code in smbldap-useradd

Status:	RESOLVED WONTFIX

Alias:	None

Product:	Samba 3.0
Classification:	Unclassified
Component:	smbldap-tools (show other bugs)
Version:	3.0.23d
Hardware:	Other Linux

Importance:	P3 normal
Target Milestone:	none
Assignee:	Tournier Jerome
QA Contact:	smbldap-tools team

URL:
Keywords:

Depends on:
Blocks:

Reported:	2006-12-07 08:10 UTC by Pascal Terjan
Modified:	2010-09-04 07:12 UTC (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Pascal Terjan 2006-12-07 08:10:21 UTC

I don't understand following code :

# untaint $userName (can finish with one or two $)
if ($userName =~ /^([\w -.]+\$?)$/) {
  $userName = $1;
} else {
  print "$0: illegal username\n";
  exit (1);
}

The comment say "(can finish with one or two $)" but the regexp will only match one, and I don't understand what does "untaint" mean.

And what is the goal of "$userName = $1" ? $1 will always have the content that $userName already had, except maybe "\n" at the end that would be dropped.

Comment 1 Tournier Jerome 2010-09-04 07:12:19 UTC

Not maintained anymore