Closed
Bug 250265
Opened 21 years ago
Closed 21 years ago
taint issues with vote fields when editing products
Categories
(Bugzilla :: Administration, task)
Tracking
()
RESOLVED
FIXED
Bugzilla 2.18
People
(Reporter: bugzilla, Assigned: bugzilla)
Details
Attachments
(1 file, 1 obsolete file)
|
1.19 KB,
patch
|
bugreport
:
review+
|
Details | Diff | Splinter Review |
votesperuser, maxvotesperbug and votestoconfirm all have taint problems
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Flags: blocking2.18?
Attachment #152554 -
Flags: review?
|
||
Comment 2•21 years ago
|
||
Comment on attachment 152554 [details] [diff] [review]
detaint (and validate) the vote-related parameters when editting products
detaint_natural doesn't return true for negative integers.
Therefore, "if $number < 0", then "!detaint_natural($number)" will be certainly
true. This can be used in order to remove the redundant checks in the patch.
Attachment #152554 -
Flags: review? → review-
|
||
Updated•21 years ago
|
Flags: blocking2.18? → blocking2.18+
Target Milestone: --- → Bugzilla 2.18
|
|
||
Comment 3•21 years ago
|
||
Attachment #152554 -
Attachment is obsolete: true
|
|
||
Updated•21 years ago
|
Attachment #152617 -
Flags: review?
|
|
||
Comment 4•21 years ago
|
||
Since we're short on time, if anybody is available for review feel free to dig
in. :)
|
|
||
Comment 5•21 years ago
|
||
Comment on attachment 152617 [details] [diff] [review]
GavinS's patch with optimised if conditions
r=joel
Attachment #152617 -
Flags: review? → review+
|
|
||
Updated•21 years ago
|
Flags: approval?
|
|
||
Updated•21 years ago
|
Flags: approval? → approval+
|
|
||
Comment 6•21 years ago
|
||
Checking in editproducts.cgi;
/cvsroot/mozilla/webtools/bugzilla/editproducts.cgi,v <-- editproducts.cgi
new revision: 1.53; previous revision: 1.52
done
Status: ASSIGNED → RESOLVED
Closed: 21 years ago
Resolution: --- → FIXED
Summary: taint issues with vote fields when editting products → taint issues with vote fields when editing products
|
||
Updated•12 years ago
|
QA Contact: matty_is_a_geek → default-qa
You need to log in
before you can comment on or make changes to this bug.
Description
•