Closed
Bug 283085
Opened 20 years ago
Closed 20 years ago
post_bug.cgi can be used to know which products do not exist and which ones are not accessible
Categories: Bugzilla :: Creating/Changing Bugs, defect
Status: RESOLVED FIXED
Target Milestone: Bugzilla 2.18
People: Reporter: LpSolit, Assigned: LpSolit
Details
Attachments (1 file): patch, 1.12 KB, review+ (myk)
In post_bug.cgi, we have the following sequence:

    my $product = $::FORM{'product'};
    my $product_id = get_product_id($product);
    if (!$product_id) {
        ThrowUserError("invalid_product_name",
                       { product => $product });
    }

and later:

    if (!CanEnterProduct($product)) {
        ThrowUserError("entry_access_denied", {product => $product});
    }

This can be used by a user to know which products exist and which ones are not
accessible. As per bug 153461 comment 18 about describecomponents.cgi, this
information should not be given.

Then the correct fix is the same as the one applied in enter_bug.cgi:

    my $product = $::FORM{'product'};
    if (!CanEnterProduct($product)) {
        ThrowUserError("entry_access_denied", {product => $product});
    }
    my $product_id = get_product_id($product);
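The ordering problem described above, as an added example that is not Bugzilla's code: a small Python model of the two check orders, using constructed products and a user outside the restricted group. It shows that the original order returns a different error for a hidden product than for a nonexistent one (an existence oracle), while the fixed order returns the same error for both.

```python
# Added example, not Bugzilla's code: a toy model of the post_bug.cgi
# product checks, showing why the order of the two checks matters.

# Constructed sample data: a public product and one restricted to "core".
PRODUCTS = {
    "Public": set(),       # no group restriction
    "Secret": {"core"},    # only members of the "core" group may enter bugs
}


def get_product_id(name):
    """Stand-in for get_product_id: a truthy id for known products, else 0."""
    if name not in PRODUCTS:
        return 0
    return 1 + list(PRODUCTS).index(name)


def can_enter_product(name, user_groups):
    """Stand-in for CanEnterProduct: false for unknown or restricted products."""
    if name not in PRODUCTS:
        return False
    return PRODUCTS[name] <= set(user_groups)


def vulnerable_check(name, user_groups):
    """Original post_bug.cgi order: existence first, access second; returns the error name or "ok"."""
    if not get_product_id(name):
        return "invalid_product_name"
    if not can_enter_product(name, user_groups):
        return "entry_access_denied"
    return "ok"


def fixed_check(name, user_groups):
    """Fixed order (as in enter_bug.cgi): access check first, id lookup after."""
    if not can_enter_product(name, user_groups):
        return "entry_access_denied"
    get_product_id(name)  # only reached for products the user may enter
    return "ok"


def leaks_existence(check):
    """True if a user with no groups can tell a hidden product from a missing one."""
    outsider = []  # constructed user who is a member of no group
    return check("Secret", outsider) != check("Nonexistent", outsider)
```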
Updated•20 years ago
Status: NEW → ASSIGNED
Target Milestone: --- → Bugzilla 2.20

Comment 1•20 years ago
Attachment #175079 - Flags: review?(myk)

Comment 2•20 years ago
Comment on attachment 175079 [details] [diff] [review] patch, v1
r=myk
Attachment #175079 - Flags: review?(myk) → review+

Comment 3•20 years ago
This is a minor security issue and should go into 2.18.
Flags: approval2.18+
Flags: approval+

Updated•20 years ago
Target Milestone: Bugzilla 2.20 → Bugzilla 2.18

Comment 4•20 years ago
2.18:
Checking in post_bug.cgi;
/cvsroot/mozilla/webtools/bugzilla/post_bug.cgi,v <-- post_bug.cgi
new revision: 1.88.2.4; previous revision: 1.88.2.3
done

Tip:
Checking in post_bug.cgi;
/cvsroot/mozilla/webtools/bugzilla/post_bug.cgi,v <-- post_bug.cgi
new revision: 1.102; previous revision: 1.101
done
Status: ASSIGNED → RESOLVED
Closed: 20 years ago
Resolution: --- → FIXED