check-banned FAILED: Malformed UTF-8 character
Mark.Martinec+amavis at ijs.si
Thu Apr 5 02:19:19 CEST 2012
> A manifestation of the Perl bug #32687:
> Encode::is_utf8 on tainted UTF8 string returns false
> Please try the attached patch, it avoids testing Encode::is_utf8
> and just calls safe_encode() unconditionally.
While investigating this issue I became aware of another
bug in the perl module Encode, still unfixed in Encode 2.44
(and perl 5.14.2):
It gratuitously untaints a string when encoding or decoding it.
The bug report is classified as 'wish', although I'd call it
'serious' and 'security'.
I'll provide a workaround by a rewrite of my safe_encode and
safe_decode. To appear soon in a bug-fix release 2.7.1 .
More information about the amavis-users