Closed Bug 129482 Opened 23 years ago Closed 23 years ago

bugzilla doesn't sanity check summary input - newlines in summary corrupt email headers

Categories

(Bugzilla :: Creating/Changing Bugs, defect)

Product:
Bugzilla
Component:
Creating/Changing Bugs
Version:
2.15
Platform:
x86
Neutrino
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED DUPLICATE of bug 101380

People

(Reporter: timeless, Assigned: myk)

Details

bugzilla doesn't sanity check summary input. result: bugmail headers can be invalid, perhaps even exploitable, i haven't tried (i'm not quite sure what use there would be in exploiting bugzilla headers).
see the activity on this bug for the original summary, I just nuked it to avoid corruption when we fix this. *** This bug has been marked as a duplicate of 96431 ***
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Summary: <caillon> timeless: wow good job. you broke MozMail <timeless> caillon: yeah i do that often :-) <timeless> technically i didn't break mozmail per say. since it also breaks nc4 and in fact the bug is in bugzilla <timeless> i presume you saw headers flowi… → bugzilla doesn't sanity check summary input
I take that back, this isn't exactly the same thing (though it's probably related).
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
Summary: bugzilla doesn't sanity check summary input → bugzilla doesn't sanity check summary input - newlines in summary corrupt email headers
*** This bug has been marked as a duplicate of 101380 ***
Status: REOPENED → RESOLVED
Closed: 23 years ago23 years ago
Resolution: --- → DUPLICATE
Verified dupe
Status: RESOLVED → VERIFIED
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.