Charting fails taint checks

RESOLVED FIXED in Bugzilla 2.16

Status

()

P1
blocker
RESOLVED FIXED
17 years ago
6 years ago

People

(Reporter: bbaetz, Assigned: bbaetz)

Tracking

2.15
Bugzilla 2.16
x86
Linux

Details

Attachments

(1 attachment)

(Assignee)

Description

17 years ago
Try to do a chart, and you'll get a taint error. Their are two problems:

First, we weren't detainting the product name after checking it. Secondly, the
name of the file depend son input from the fields. For several reasons (see
comments in the patch) we can't only allow valid inputs, so just do basic
"letter+number" checks.
(Assignee)

Comment 1

17 years ago
daa reported this; forgot to cc him
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → Bugzilla 2.16
(Assignee)

Comment 2

17 years ago
Created attachment 67229 [details] [diff] [review]
patch
(Assignee)

Comment 5

17 years ago
Checked in.
Status: ASSIGNED → RESOLVED
Last Resolved: 17 years ago
Resolution: --- → FIXED
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.