View Issue Details

IDProjectCategoryView StatusLast Update
0000227Main CAcert WebsiteGPG/PGPpublic2013-01-14 08:18
ReporterbluecAssigned ToSourcerer  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Fixed in Version2009 Q2 
Summary0000227: mysql_real_escape_string sometimes prevents adding of gpg keys
DescriptionIf a user has the following Name/E-Mail in his gpg key:

  Foo Bar (Administrativ contact: Key 12345) <foo@bar.tld>

and you use gpg --with-colons to output this uid you receive

pub::::::Foo Bar (Administrativ contact\x3a Key 12345) <foo@bar.tld>:

If you now apply mysql_real_escape_string() to this string you might get the ":" back again for the \x3a and that shifts the email address into the next field.

There might also be a problem with \n but I haven't looked into this.
TagsNo tags attached.
Reviewed by
Test Instructions


related to 0000460 closedSourcerer Please disable GPG signing until we have a production-quality system 



2009-04-09 21:20

administrator   ~0001359

I could not reproduce the problem with the colon, and my review of the sourcecode showed that this problem should be solved, since the hex2bin() function is used on the individual fields, after they are being seperated.


2009-04-19 22:22

administrator   ~0001371

Seems to work properly now.

Issue History

Date Modified Username Field Change
2006-05-07 20:55 bluec New Issue
2006-08-14 02:51 duane Status new => needs work
2006-08-14 02:51 duane Assigned To => Sourcerer
2007-10-24 05:11 evaldo Relationship added related to 0000460
2009-04-09 21:20 Sourcerer Note Added: 0001359
2009-04-09 21:20 Sourcerer Status needs work => solved?
2009-04-19 22:22 Sourcerer Note Added: 0001371
2009-04-19 22:22 Sourcerer Status solved? => closed
2009-04-19 22:22 Sourcerer Resolution open => fixed
2013-01-14 08:18 Werner Dworak Fixed in Version => 2009 Q2