Closed Bug 690412 Opened 14 years ago Closed 14 years ago

internal error: Insecure dependency .... at Bugzilla/Object.pm line 276.

Categories

(Bugzilla :: Bugzilla-General, defect)

4.0.2
defect
Not set
major

RESOLVED INVALID

People

(Reporter: fche, Unassigned)

Details

(Keywords: helpwanted)

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:6.0.2) Gecko/20100101 Firefox/6.0.2
Build ID: 20110906120836

Steps to reproduce:

Attempted to load http://sourceware.org/bugzilla/show_bug.cgi?id=11539 as anonymous (not logged in) user.

Actual results:

Sources Bugzilla has suffered an internal error. Please save this page and send it to overseers@gcc.gnu.org with details of what you were doing at the time this message appeared.

URL: http://sourceware.org/bugzilla/show_bug.cgi?id=11539

undef error - Insecure dependency in parameter 3 of DBI::db=HASH(0xafedb24)->selectall_arrayref method call while running with -T switch at Bugzilla/Object.pm line 276.

Traceback:

Expected results:

No error. Logging in results in a normal page load.

Yeah, this is the same bug report as http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50297. As I said there yesterday, this could be a bug in Perl 5.8.5 itself. The error occurs only when you are logged out, and is due to the linkification of "attachment 5301 [details]". I pasted the full error message in http://gcc.gnu.org/bugzilla/show_bug.cgi?id=50297#c2. You can see that it complains that the attachment ID is tainted, right after a call to detaint_natural(). This doesn't make any sense. I will do some more testing.
Severity: normal → major
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: helpwanted
Ah, the error is not due to the attachment ID being tainted in this bug. The error comes from elsewhere:

undef error - Insecure dependency in parameter 3 of DBI::db=HASH(0xacc9440)->selectall_arrayref method call while running with -T switch at Bugzilla/Object.pm line 276.
 at Bugzilla/Object.pm line 276
    Bugzilla::Object::_do_list_select('Bugzilla::Group', ' id IN (?,?) ', 'ARRAY(0xb0c3a24)', 'undef') called at Bugzilla/Object.pm line 253
    Bugzilla::Object::match('Bugzilla::Group', 'HASH(0xb0fdc18)') called at Bugzilla/Object.pm line 179
    Bugzilla::Object::new_from_list('Bugzilla::Group', 'ARRAY(0xb0f41f0)') called at Bugzilla/User.pm line 1027
    Bugzilla::User::direct_group_membership('Bugzilla::User=HASH(0xafd0680)') called at template/en/default/bug/comments.html.tmpl line 163

The problem is again related to comments, though. I wonder what triggers this.
And guess what, the taint issue occurs right after a call to trick_taint() (in the GCC bug, the error occurs right after detaint_natural()). This really makes me think that it's a Perl bug in version 5.8.5. I will clone the DB and play with it locally. We will see if I can reproduce with Perl 5.12.3.
I patched both GCC and Sources Bugzilla with an ugly hack, see the other bug on GCC. As this is IMO a bug in Perl 5.8.5, I'm marking this bug as invalid (i.e. not a Bugzilla bug).
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → INVALID
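
How Perl taint mode and regex-based detainting normally interact, which is why an "Insecure dependency" error raised right after a detaint call looks wrong in the comments above. This is an added example, not Bugzilla's code: detaint_number, run_query and attempt are hypothetical stand-ins, and the input values are constructed.

```perl
#!/usr/bin/perl -T
# Added illustration, not Bugzilla code. Run as: perl -T taint_demo.pl
use strict;
use warnings;
use Scalar::Util qw(tainted);

die "run with -T\n" unless ${^TAINT};

# Zero-length tainted string: $^X is tainted under -T, and so is anything
# derived from it. Appending it taints the constructed samples below.
my $TAINT = substr($^X, 0, 0);

# Hypothetical helper: numeric detaint via regex capture, in place.
sub detaint_number {
    if (defined $_[0] && $_[0] =~ /\A(\d+)\z/) {
        $_[0] = $1;    # captures from a successful match are untainted
        return 1;
    }
    return 0;          # value left untouched, and still tainted
}

# Hypothetical sink: refuses tainted bind values, the way a DBI handle
# opened with Taint => 1 checks its method arguments under -T.
sub run_query {
    my ($sql, @binds) = @_;
    for my $i (0 .. $#binds) {
        die "Insecure dependency in bind value $i\n" if tainted($binds[$i]);
    }
    return "ok: $sql [@binds]";
}

sub attempt {
    my ($label, @args) = @_;
    my $res = eval { run_query(@args) };
    print "$label: ", defined $res ? "$res\n" : "refused: $@";
}

my $sql = ' id IN (?,?) ';
my @ids = map { $_ . $TAINT } qw(7 12);    # constructed "request" input

attempt('raw input', $sql, @ids);                     # refused
detaint_number($_) or die "not a number\n" for @ids;  # in place, via aliasing
attempt('after detaint', $sql, @ids);                 # accepted

my $bad = '12abc' . $TAINT;                           # constructed bad input
print "non-numeric accepted: ", (detaint_number($bad) ? 'yes' : 'no'),
      ", still tainted: ", (tainted($bad) ? 'yes' : 'no'), "\n";
```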