Closed
Bug 178800
Opened 22 years ago
Closed 22 years ago
Graphical Charts fail with taint error with perl 5.6.0
Categories
(Bugzilla :: Reporting/Charting, defect, P1)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: bugreport, Assigned: gerv)
References
Details
Attachments
(1 file, 4 obsolete files)
2.01 KB,
patch
|
gerv
:
review+
gerv
:
review+
|
Details | Diff | Splinter Review |
On sites with 5.6.0 (mothra), queries for graphical charts such as severity versus status are tainted. This is most likely due to taints being propagated through my @selectnames = map($columns{$_}, @axis_fields); in report.cgi
Reporter | ||
Updated•22 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → Bugzilla 2.18
Comment 1•22 years ago
|
||
Reporter | ||
Comment 2•22 years ago
|
||
Comment on attachment 105429 [details] [diff] [review] patch v1: fixes problem per bbaetz' suggestion r=joel
Attachment #105429 -
Flags: review+
Comment 3•22 years ago
|
||
Comment on attachment 105429 [details] [diff] [review] patch v1: fixes problem per bbaetz' suggestion a=justdave but I want a second r= from someone besides me and joel before it gets checked in.
Attachment #105429 -
Flags: review+
Comment 4•22 years ago
|
||
Here's an approach that validates the data before detainting and using it.
Attachment #105429 -
Attachment is obsolete: true
Comment 5•22 years ago
|
||
Updated•22 years ago
|
Attachment #105433 -
Attachment is obsolete: true
Assignee | ||
Comment 6•22 years ago
|
||
Comment on attachment 105433 [details] [diff] [review] patch v3: validation plus filters out html >+# Validate the values in the axis fields or throw an error. >+!$row_field >+ || ($columns{$row_field} && trick_taint($row_field)) >+ || ThrowCodeError("report_axis_invalid", >+ { val=>$row_field, fld=>"horizontal axis"}); This won't localise properly; you either need three errors, or to pass an additional tag ("horizontal_axis", "mult_tables" etc.) which you can fork on in the error template. Other than that, looks good. Gerv
Attachment #105433 -
Flags: review-
Comment 7•22 years ago
|
||
Updated•22 years ago
|
Attachment #105432 -
Attachment is obsolete: true
Assignee | ||
Comment 8•22 years ago
|
||
Comment on attachment 105459 [details] [diff] [review] patch v3: localizable >+# Validate the values in the axis fields or throw an error. >+!$row_field >+ || ($columns{$row_field} && trick_taint($row_field)) >+ || ThrowCodeError("report_axis_invalid", { fld=>"x", val=>$row_field}); Nit: inconsistent spacing inside {} brackets. Fix that, and r=gerv. Gerv
Attachment #105459 -
Flags: review+
Comment 9•22 years ago
|
||
re: inconsistent spacing; good catch, done. Did you really mean to call this a "nit" or withhold review because of it? When I use that word it means "I want you to change that, but I won't deny you review if you don't." We should be consistent in how we use it, or we're going to confuse patch authors.
Attachment #105459 -
Attachment is obsolete: true
Assignee | ||
Updated•22 years ago
|
Attachment #105491 -
Flags: review+
Assignee | ||
Comment 10•22 years ago
|
||
Comment on attachment 105491 [details] [diff] [review] patch v4: consistent spacing My definition of "Nit" is "small thing that the author will think I'm being really petty about unless I label it as a nit". I tend to specify things which need to be fixed, and things which only could be fixed, independent of that word. So you are right - maybe we do need a definition :-) Gerv
Comment 11•22 years ago
|
||
a=justdave
Comment 12•22 years ago
|
||
Checking in report.cgi; /cvsroot/mozilla/webtools/bugzilla/report.cgi,v <-- report.cgi new revision: 1.7; previous revision: 1.6 done Checking in template/en/default/global/code-error.html.tmpl; /cvsroot/mozilla/webtools/bugzilla/template/en/default/global/code-error.html.tmpl,v <-- code-error.html.tmpl new revision: 1.22; previous revision: 1.21 done
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•