Bug 192661 (Closed)
Dependency graphs print bug summaries without html encoding
Opened 22 years ago; Closed 22 years ago
Categories: Bugzilla :: Reporting/Charting, defect
Status: RESOLVED FIXED
Target Milestone: Bugzilla 2.18
People: Reporter: jouni, Assigned: justdave
Whiteboard: [fixed in 2.16.3] [fixed in 2.17.4]
Attachments (2 files)
853 bytes, patch | gerv: review+ | bbaetz: review+
846 bytes, patch | gerv: review+ | bbaetz: review+
Locally generated dependency graphs print bug summaries without html encoding when including summaries. I noticed this when patching bug 166346 and the patch there doesn't include a fix for this. To reproduce: Configure BZ to use local dot installation, give a bug a summary like '"><script>alert('yeah!')</script>' and create a dep graph with summaries. You should see the alert dialog.
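The encoding gap the report describes, shown as an added example rather than Bugzilla's own code: the page that renders a dependency graph emits a client-side image map with one area per bug, and the bug summary lands in a title attribute. The assumed area layout and href format below are a stand-in for whatever showdependencygraph.cgi actually wrote; the summaries, including the reporter's payload, are constructed test data. The vulnerable builder interpolates the summary raw, the hardened one escapes it first, and a small HTMLParser-based inspector shows what a parser makes of each result.

```python
import html
from html.parser import HTMLParser

# Constructed sample summaries, including the reporter's payload; this is test
# data for the example, not content from any real Bugzilla instance.
BUGS = {
    1: "Crash when opening preferences",
    2: "\"><script>alert('yeah!')</script>",
    3: "Fix & re-test nightly builds",
}

# Assumed shape of one image-map entry (not the exact markup the CGI emitted).
AREA = '<area shape="rect" href="show_bug.cgi?id=%d" title="%s">'


def area_tag_unescaped(bug_id, summary):
    """Vulnerable form: the summary goes into an HTML attribute as-is, which is
    the defect the bug report describes."""
    return AREA % (bug_id, summary)


def area_tag_escaped(bug_id, summary):
    """Hardened form: escape &, <, >, " and ' before the summary is placed in
    an attribute value (html.escape with quote=True covers all five)."""
    return AREA % (bug_id, html.escape(summary, quote=True))


def build_image_map(bugs, escape=True):
    """Assemble a client-side image map with one <area> per bug, roughly the
    shape of the map a dependency-graph page emits. escape=False reproduces
    the vulnerable output."""
    make = area_tag_escaped if escape else area_tag_unescaped
    areas = "\n".join(make(bug_id, s) for bug_id, s in sorted(bugs.items()))
    return '<map name="depgraph">\n%s\n</map>' % areas


class _MapInspector(HTMLParser):
    """Records every start tag and the decoded title of every <area>, so we can
    see what a browser-like parser would make of the markup."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.titles = {}

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        if tag == "area":
            attrs = dict(attrs)
            bug_id = int(attrs["href"].rsplit("=", 1)[1])
            self.titles[bug_id] = attrs.get("title")


def inspect(markup):
    """Parse the map; return (list of start tags, {bug_id: decoded title})."""
    p = _MapInspector()
    p.feed(markup)
    p.close()
    return p.tags, p.titles


if __name__ == "__main__":
    for escape in (False, True):
        tags, titles = inspect(build_image_map(BUGS, escape=escape))
        print("escape=%s -> start tags: %s" % (escape, tags))
        for bug_id, title in sorted(titles.items()):
            print("  bug %d title: %r" % (bug_id, title))
```

With escape=False the parser sees a script start tag that the page author never wrote, and bug 2's title attribute has been cut short at the injected quote. With escape=True the only start tags are the map and its three areas, and every decoded title equals the original summary, which is the point of attribute escaping: the data survives intact, only its ability to change the markup is removed.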
Comment 1 (Assignee) • 22 years ago
uh oh FYI, this is in the 2.16 branch as well. 2.16.3 here we come
Target Milestone: --- → Bugzilla 2.18
Updated (Assignee) • 22 years ago
Whiteboard: [wanted for 2.16.3]
Comment 3 (Assignee) • 22 years ago
Comment 4 (Assignee) • 22 years ago
Updated (Assignee) • 22 years ago
Attachment #114184 - Flags: review?(gerv)
Updated (Assignee) • 22 years ago
Attachment #114184 - Flags: review?(bbaetz)
Updated (Assignee) • 22 years ago
Attachment #114185 - Flags: review?(gerv)
Updated (Assignee) • 22 years ago
Attachment #114185 - Flags: review?(bbaetz)
Comment 5 (Assignee) • 22 years ago
You can experience this exploit first-hand at http://landfill.bugzilla.org/bugzilla-tip/showdependencygraph.cgi?id=1&showsummary=on
Comment 6 • 22 years ago
Comment on attachment 114184 (Patch against tip): Ew, that code is ugly. r=bbaetz
Attachment #114184 - Flags: review?(bbaetz) → review+
Comment 7 • 22 years ago
Comment on attachment 114185 (patch against 2.16 branch): And again, eww + r=bbaetz
Attachment #114185 - Flags: review?(bbaetz) → review+
Comment 8 • 22 years ago
Comment on attachment 114185 (patch against 2.16 branch): r=gerv. Gerv
Attachment #114185 - Flags: review?(gerv)
Comment 9 • 22 years ago
Comment on attachment 114184 (Patch against tip): r=gerv. Gerv
Attachment #114184 - Flags: review?(gerv)
Comment 10 (Assignee) • 22 years ago
Putting this on the approval list... will hold it there until about a day before we're ready to roll with the release announcement, then we'll check it in. (that way we don't have it showing up on bonsai where people can see it before it's been announced)
Flags: approval?
Whiteboard: [wanted for 2.16.3] → [fixed in 2.16.3][fixed on trunk][pending checkin on both]
Comment 12 (Assignee) • 22 years ago
Just as FYI, this was introduced with the checkin from bug 134571, which was checked in on 2002-05-07.
Comment 13 (Assignee) • 22 years ago
This is on hold for the moment until we sort out another security hole that was just found. We were mere hours from releasing 2.16.3 and 2.17.4 this morning when it was found and I got a frantic "stop the presses" email. We'll probably be a few days sorting it out, but 2.16.3 and 2.17.4 will go out (with this in it) as soon as we have all the known holes plugged.
Updated (Assignee) • 22 years ago
Flags: approval? → approval+
Comment 14 (Assignee) • 22 years ago
HEAD:
Checking in showdependencygraph.cgi;
/cvsroot/mozilla/webtools/bugzilla/showdependencygraph.cgi,v <-- showdependencygraph.cgi
new revision: 1.27; previous revision: 1.26
done
BUGZILLA-2_16-BRANCH:
Checking in showdependencygraph.cgi;
/cvsroot/mozilla/webtools/bugzilla/showdependencygraph.cgi,v <-- showdependencygraph.cgi
new revision: 1.18.2.2; previous revision: 1.18.2.1
done
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
Updated (Assignee) • 22 years ago
Whiteboard: [fixed in 2.16.3][fixed on trunk][pending checkin on both] → [fixed in 2.16.3][fixed on trunk]
Updated (Assignee) • 22 years ago
Whiteboard: [fixed in 2.16.3][fixed on trunk] → [fixed in 2.16.3] [fixed in 2.17.4]
Comment 15 (Assignee) • 22 years ago
Security Advisory has been posted, removing security group
Group: webtools-security
Updated • 12 years ago
QA Contact: matty_is_a_geek → default-qa