Closed Bug 453497 Opened 16 years ago Closed 16 years ago

Undef to trick_taint at Bugzilla/Util.pm line 63 from editcomponents.cgi line 197

Categories

(Bugzilla :: Administration, task)

Product:
Bugzilla
Component:
Administration
Version:
2.22
Type:
task
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED DUPLICATE of bug 359765

People

(Reporter: justdave, Unassigned)

Details

+++ This bug was initially created as a clone of Bug #340609 Comment 3 +++

Comment From  Ryszard Lach   2006-06-26 03:16:43 PDT

I have a similar problem:

Undef to trick_taint at Bugzilla/Util.pm line 66
        Bugzilla::Util::trick_taint('undef') called at
.../editcomponents.cgi line 197

My Bugzilla version is 2.22.
Do you have the full stack trace? That as it is isn't very useful.
The line in question is:

 my $nonopen_name = $cgi->param('nonopen_name');
 trick_taint($nonopen_name); # It's me!

'nonopen_name' must always be defined in the template. If it's not, this means someone customized the template and remove it. So that's the hacker's fault -> INVALID!

Moreover, since Bugzilla 3.2, this param no longer exists. So this problem cannot happen anymore anyway.
Status: NEW → RESOLVED
Closed: 16 years ago
Keywords: qawanted
Resolution: --- → INVALID
Resolution: INVALID → DUPLICATE
You need to log in before you can comment on or make changes to this bug.