Skip to content

bugzilla
bugzilla
Commit 0930c074 authored by myk%mozilla.org's avatar myk%mozilla.org
Browse files
Options

Fix for bug 72184: prevents users from entering too-large comments/descriptions…

Fix for bug 72184: prevents users from entering too-large comments/descriptions that get rejected by MySQL's MAX_PACKET_SIZE restrictions. Patch by Myk Melez <myk@mozilla.org>. r=bbaetz,gerv
parent 861379ae
Hide whitespace changes
Inline Side-by-side
Showing with 19 additions and 0 deletions
CGI.pl
View file @ 0930c074
...@@ -324,6 +324,19 @@ sub ValidateBugID { ...@@ -324,6 +324,19 @@ sub ValidateBugID {
} }
sub ValidateComment {
# Make sure a comment is not too large (greater than 64K).
my ($comment) = @_;
if (defined($comment) && length($comment) > 65535) {
DisplayError("Comments cannot be longer than 65,535 characters.");
exit;
}
}
# check and see if a given string actually represents a positive # check and see if a given string actually represents a positive
# integer, and abort if not. # integer, and abort if not.
# #
......
attachment.cgi
View file @ 0930c074
...@@ -77,6 +77,7 @@ elsif ($action eq "insert") ...@@ -77,6 +77,7 @@ elsif ($action eq "insert")
{ {
confirm_login(); confirm_login();
ValidateBugID($::FORM{'bugid'}); ValidateBugID($::FORM{'bugid'});
ValidateComment($::FORM{'comment'});
validateFilename(); validateFilename();
validateData(); validateData();
validateDescription(); validateDescription();
...@@ -95,6 +96,7 @@ elsif ($action eq "edit") ...@@ -95,6 +96,7 @@ elsif ($action eq "edit")
elsif ($action eq "update") elsif ($action eq "update")
{ {
confirm_login(); confirm_login();
ValidateComment($::FORM{'comment'});
validateID(); validateID();
validateCanEdit($::FORM{'id'}); validateCanEdit($::FORM{'id'});
validateDescription(); validateDescription();
......
post_bug.cgi
View file @ 0930c074
...@@ -49,6 +49,8 @@ sub sillyness { ...@@ -49,6 +49,8 @@ sub sillyness {
confirm_login(); confirm_login();
ValidateComment($::FORM{'comment'});
my $cookiepath = Param("cookiepath"); my $cookiepath = Param("cookiepath");
print "Set-Cookie: PLATFORM=$::FORM{'product'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} ); print "Set-Cookie: PLATFORM=$::FORM{'product'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} );
print "Set-Cookie: VERSION-$::FORM{'product'}=$::FORM{'version'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} && exists $::FORM{'version'} ); print "Set-Cookie: VERSION-$::FORM{'product'}=$::FORM{'version'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} && exists $::FORM{'version'} );
......
process_bug.cgi
View file @ 0930c074
...@@ -92,6 +92,8 @@ if (defined $::FORM{'dup_id'} && $::FORM{'knob'} eq "duplicate") { ...@@ -92,6 +92,8 @@ if (defined $::FORM{'dup_id'} && $::FORM{'knob'} eq "duplicate") {
DuplicateUserConfirm(); DuplicateUserConfirm();
} }
ValidateComment($::FORM{'comment'});
###################################################################### ######################################################################
# End Data/Security Validation # End Data/Security Validation
###################################################################### ######################################################################
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment