Closed Bug 155700 Opened 21 years ago Closed 21 years ago
taint error in Send
SQL when called from Validate Bug ID
ValidateBugID makes sure the ID is valid in a way that doesn't detaint it. ValidateBugID needs to trick_taint/detaint_natural the ID.
It's a blocker. Bugzilla doesn't work now. This is a regression from bug 99203.
Comment on attachment 90168 [details] [diff] [review] patch v1: fixes problem Actually, what you should be doing is doing |my $alias = $id|, then instead of the regexp against [1-9][0-9]* do if !detaint_natural($id) && ... and have the code in the if use $alias instead of $id. You need the copy because detaint_natural modifies its arguments.
Attachment #90168 - Flags: review-
The bbaetz way. Presumably the $id BugIDToAlias returns is non-tainted by virtue of having been returned from the database.
Attachment #90168 - Attachment is obsolete: true
I'll probably be away from the computer Thursday (July 4). Feel free to check this in on my behalf if it gets review and I'm not around to check it in.
Comment on attachment 90187 [details] [diff] [review] patch v2: bbaetz' way This looks ok. Unfortunately, I can't test, cause it turns out that $::FORM is _NOT_ tainted under perl5.6.1. This is probably why I/myk didn't pick this up earlier) See http://bugs.perl.org/perlbug.cgi?req=bug_id&bug_id=20020704.001 for my bugreport on this. I have a workarround, which I will be submitting for 2.16 unless the perl bug people have a better solution. r=bbaetz, but only 1x because of that
bbaetz- What does this have to do with 2.16? This is a regression from the fix for bug 99203 (bug aliases) , which only went into 2.18. By "only one review", do you mean to say that I can check it in (since 2.18 patches require only a single review by default) or that a second is required?
It means that I can't actually test, so you should get review from someone with perl 5.6.0 (or 5.005) who can. My 2.16 comment was referring to bug 155793, which is why I can't test this
Comment on attachment 90187 [details] [diff] [review] patch v2: bbaetz' way Actually, I now have a fix for the other bug, so I can test this. r=bbaetz x2
Checking in CGI.pl; /cvsroot/mozilla/webtools/bugzilla/CGI.pl,v <-- CGI.pl new revision: 1.161; previous revision: 1.160 done
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.