Bug 136506 - can't create new accounts cvs tip 4/8/02
Status: RESOLVED FIXED (Closed)
Opened 23 years ago, closed 23 years ago
Product / Component: Bugzilla :: User Accounts (defect, P1)
Target Milestone: Bugzilla 2.16
Reporter: daa; Assigned: myk
Keywords: regression
Attachments (1 file): patch, 117 bytes; flags: myk: review+, myk: review+
Description:
using:
http://n0cgi.distributed.net/bugs/createaccount.cgi?login=foo%40bar.com&realname=foo+bar
cvs tip bugzilla returns:
Content-type: text/html
Software error:
Attempted to send tainted string 'SELECT eventdata FROM tokens WHERE tokentype = 'emailold' AND eventdata like '%:foo@bar.com' OR eventdata like 'foo@bar.com:%'' to the database at globals.pl line 260.
Comment 1 • 23 years ago
This is a 2.16 blocker, I'd guess. Without having actually tested this, does
validateNewUser need to do some escaping (and where does that code deal with
stopping someone from hijacking the new email address?)
John, this would be your stuff, I assume.
Comment 2 • 23 years ago
I found it necessary in userprefs.cgi to add trick_taint($login) after
CheckEmailSyntax($login) to avoid a taint error in ValidateNewUser.
ValidateNewUser does not currently check email syntax, as most invocations have
already done this (and CheckEmailSyntax is in CGI.pl).
Long term, ValidateNewUser should call CheckEmailSyntax and return useful error
messages to be displayed to the user.
The code to avoid new email addresses being hijacked is ValidateNewUser. It
checks there are no tokens with the specified address (pending changes, or
addresses still able to be reverted) and uses DBname_to_id to check against
current users.
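An added example, not part of this bug's comments and not Bugzilla's own code: a stand-alone Perl script that reproduces the mechanism behind the error in the description and the fix discussed in comment 2. It shows that a value read from the environment (standing in for the ?login= CGI parameter) stays tainted after a plain syntax check, that capturing the validated text out of the match untaints it (the idiomatic form of what trick_taint() shortcuts), and that DBI with the TaintIn attribute refuses a statement built by interpolating the tainted value, while a bound parameter is accepted and keeps the address from ever being parsed as SQL. The email regex, the table layout and the token row are constructed for the demo; it assumes DBI and DBD::SQLite are installed and must be run as `perl -T taint_demo.pl`.

```perl
#!/usr/bin/perl -T
# Added example, not Bugzilla's code. Run as:  perl -T taint_demo.pl
# Shows why a raw CGI value trips Perl taint mode when it reaches SQL, and
# the two defensive steps: untaint through a validating regex capture, then
# pass the value to the database as a bound parameter, never by interpolation.
use strict;
use warnings;
use Scalar::Util qw(tainted);
use DBI;   # assumption: DBI and DBD::SQLite are installed

# Constructed stand-in for the ?login= parameter. Under -T every value that
# comes from %ENV, @ARGV, STDIN or a CGI request is tainted.
$ENV{LOGIN} = 'foo@bar.com';
my $login = $ENV{LOGIN};
printf "raw login tainted: %s\n", tainted($login) ? 'yes' : 'no';

# A plain match in the shape of an email syntax check validates the value
# but does NOT clear the taint flag; that is the trap this bug hits.
my $email_re = qr/^[\w.+-]+\@[\w-]+(?:\.[\w-]+)+$/;
die "bad email syntax\n" unless $login =~ $email_re;
printf "after syntax check tainted: %s\n", tainted($login) ? 'yes' : 'no';

# Capturing the validated text out of the match is the idiomatic untaint.
my ($clean) = $login =~ /^([\w.+-]+\@[\w-]+(?:\.[\w-]+)+)$/
    or die "bad email syntax\n";
printf "captured value tainted: %s\n", tainted($clean) ? 'yes' : 'no';

# TaintIn makes DBI itself refuse tainted statement text and bind values,
# playing the role of the check Bugzilla's globals.pl performs before
# sending SQL. Table and row are constructed sample data.
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '',
                       { RaiseError => 1, PrintError => 0, TaintIn => 1 });
$dbh->do('CREATE TABLE tokens (tokentype TEXT, eventdata TEXT)');
$dbh->do('INSERT INTO tokens VALUES (?, ?)', undef,
         'emailold', 'old@x.org:foo@bar.com');

# 1) Interpolating the still-tainted value: DBI croaks, as Bugzilla did.
my $ok = eval {
    $dbh->selectall_arrayref(
        "SELECT eventdata FROM tokens WHERE tokentype = 'emailold' "
      . "AND (eventdata LIKE '%:$login' OR eventdata LIKE '$login:%')");
    1;
};
print 'interpolated tainted SQL rejected: ', ($ok ? 'no' : "yes ($@)"), "\n";

# 2) Bound parameters with the untainted value: accepted, and the address is
#    treated purely as data, so a crafted login cannot change the statement.
my $rows = $dbh->selectall_arrayref(
    'SELECT eventdata FROM tokens WHERE tokentype = ? '
  . 'AND (eventdata LIKE ? OR eventdata LIKE ?)',
    undef, 'emailold', "%:$clean", "$clean:%");
printf "pending-change tokens for %s: %d\n", $clean, scalar @$rows;
```

The regex capture is preferred over trick_taint() in new code because it ties the untainting to the validation that justifies it; trick_taint() after CheckEmailSyntax($login), as comment 2 describes, is equivalent only as long as the syntax check really ran on the same value first.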
Comment 3 • 23 years ago
quick fix - add trick taint to createaccount.cgi
Comment 4 • 23 years ago
Comment on attachment 78670 (quick fix):
diff -u, please
Attachment #78670 - Flags: review-
Comment 5 (Assignee) • 23 years ago
I can't reproduce this; can anyone else?
Comment 6 • 23 years ago
I can reproduce this, which may indicate this is similar to bug 134562.
Comment 7 • 23 years ago
I'll see if I can work out what is going on later tonight.
Comment 8 (Assignee) • 23 years ago
Comment on attachment 78670 (quick fix):
Fixes the problem on perl 5.005, continues to work on perl 5.6, trivial fix/low
risk, 2x r=myk
Attachment #78670 - Flags: review- → review+
Updated • 23 years ago
Comment 9 (Assignee) • 23 years ago
Checking in createaccount.cgi;
/cvsroot/mozilla/webtools/bugzilla/createaccount.cgi,v <-- createaccount.cgi
new revision: 1.19; previous revision: 1.18
done
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
Updated • 12 years ago
QA Contact: matty_is_a_geek → default-qa