SafeJail does not report errors correctly
Concerned version
Version: %2.0.12
Summary
- Use an invalid expression in a rule somewhere (header, macro, etc)
- With useSafeJail=0, the error is correctly reported
- With useSafeJail=1, the error is empty
Logs
Example with a classic mistake, using "$uid@example.com" in a header value:
useSafeJail=0:
[error] syntax error at (eval 300) line 1, near "}@example"
Global symbol "@example" requires explicit package name (did you forget to declare "my @example"?) at (eval 300) line 1.
[error] Lemonldap::NG::Handler::PSGI::Main Unable to forge test1.lemontest.lxd headers: syntax error at (eval 300) line 1, near "}@example"
Global symbol "@example" requires explicit package name (did you forget to declare "my @example"?) at (eval 300) line 1.
useSafeJail=1
[error]
[error] Lemonldap::NG::Handler::PSGI::Main Unable to forge test1.lemontest.lxd headers:
Possible fixes
I found this in Handler::Main::Jail
eval { $res = ( $self->jail->reval($reval) ) };
if ($@) {
$self->error($@);
return undef;
}
It seems that the eval here is unnecessary: the Jail CPAN module already handles failure in reval(), and we also do it in our Fake Jail implementation (see sub reval in Handler::Main::Jail)
removing this eval lets the error be correctly reported :
#already evals
$res = ( $self->jail->reval($reval) );
if ($@) {
$self->error($@);
return undef;
}
@guimard do you remember why/if the eval in the above code is needed?