I tested on bugzilla-tip-pg and qa30pg on landfill, as well as on my local 2.23.3 installation running on PostgreSQL, and I can reproduce the bug in all 3 installations:

Insecure dependency in parameter 1 of DBI::db=HASH(0x931b930)->prepare method call while running with -T switch at /var/www/html/qa30pg/buglist.cgi line 996.

To reproduce, go to query.cgi, and select:
A Comment: "contains all of the words/strings" "foo"

I cannot reproduce the bug on MySQL using this testcase, nor can I reproduce on 2.22 using PostgreSQL. So this bug is specific to 3.0 running on PostgreSQL.
I have no idea what the problem is. joel, Max, can you help?
All right. I'm investigating this. This line shows up as tainted:

((bugs.bug_status IN ('NEW','ASSIGNED','REOPENED')) AND (POSITION('foo' IN LOWER(bugs.short_desc)) > 0))
Assignee: query-and-buglist → mkanat
Created attachment 241455 [details] [diff] [review] v1

Okay, here we go. Trivial and obvious patch. The code was obviously wrong before. I don't know why MySQL wasn't throwing this error--I suppose its quote() function also detaints, while Pg's doesn't.
Attachment #241455 - Flags: review?(LpSolit)
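The comment above attributes the difference between the two drivers to whether quote() clears Perl's taint flag. The script below is an added illustration of that mechanism in plain Perl; it is not Bugzilla code and not the content of the attached patch. It assumes nothing about DBD::Pg or DBD::mysql internals: the quote_only() and untaint_word() helpers are hypothetical stand-ins, the search word is constructed, and taint is reproduced by mixing in a zero-length slice of %ENV, which is always tainted under -T. Run it as "perl -T taint_demo.pl".

```perl
#!/usr/bin/perl -T
# Added example (not Bugzilla code): a tainted search word taints the whole
# SQL string built around it, an escape-only quote() leaves that taint in
# place, and validating through a capturing regex is what clears it.
use strict;
use warnings;
use Scalar::Util qw(tainted);

# Constructed input: every value in %ENV is tainted under -T, and a string
# built from any tainted operand is itself tainted. Appending an empty
# slice of the environment is a standard way to taint a literal on purpose.
my $taint_source = substr( join( '', values %ENV ), 0, 0 );
my $word         = 'foo' . $taint_source;

# Hypothetical quote() that only escapes single quotes. A substitution
# keeps the taint flag of its operand, so the result is still tainted.
sub quote_only {
    my ($v) = @_;
    $v =~ s/'/''/g;
    return "'$v'";
}

# Untaint by validating against an explicit allow-list pattern. Only the
# captured group $1 is untainted; input that does not match is rejected
# instead of being passed on to the database layer.
sub untaint_word {
    my ($v) = @_;
    return $1 if $v =~ /\A([\w\s.\-]{1,255})\z/;
    die "rejected search term\n";
}

sub describe {
    my ( $label, $v ) = @_;
    printf "%-34s tainted=%d\n", $label, tainted($v) ? 1 : 0;
}

describe( 'input word', $word );

# Same shape as the fragment quoted in the bug; concatenation spreads taint
# from the quoted word to the entire statement fragment.
my $sql_tainted = 'POSITION(' . quote_only($word) . ' IN LOWER(bugs.short_desc)) > 0';
describe( 'SQL built with escape-only quote', $sql_tainted );

# Validate first, then quote: the fragment is now built only from untainted
# pieces and would pass a taint check on the statement string.
my $sql_clean = 'POSITION(' . quote_only( untaint_word($word) ) . ' IN LOWER(bugs.short_desc)) > 0';
describe( 'SQL built after regex untaint', $sql_clean );
```

The first two lines of output report tainted=1 and the last reports tainted=0. Handing a statement like $sql_tainted to a DBI handle under -T is the situation that produces the "Insecure dependency ... prepare method call" error quoted in comment 0; whether a given driver's quote() happens to clear the flag should not be relied on, because the validation step is what actually establishes that the value is safe.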
For the record, this is a regression due to bug 300552, which landed on tip only.
Status: NEW → ASSIGNED
Depends on: 300552
Comment on attachment 241455 [details] [diff] [review] v1

Tested. This fixes the problem. r=LpSolit Land this asap.
Attachment #241455 - Flags: review?(LpSolit) → review+
Checking in Bugzilla/Search.pm; /cvsroot/mozilla/webtools/bugzilla/Bugzilla/Search.pm,v <-- Search.pm new revision: 1.142; previous revision: 1.141 done
Status: ASSIGNED → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → FIXED