Bug 283562: Insecure dependency in parameter 3 of DBI::db (login_to_id forgets a trick_taint)

Patch By Max Kanat-Alexander <mkanat@kerio.com> r=wurblzap, r=joel, a=justdave

Bug 283562: Insecure dependency in parameter 3 of DBI::db (login_to_id forgets a trick_taint)
1355d45b · mkanat%kerio.com · 1e1498c4 · 1355d45b
Commit 1355d45b authored Feb 27, 2005 by mkanat%kerio.com
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 2 deletions

User.pm Bugzilla/User.pm +3 -2

No files found.
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -1013,10 +1013,11 @@ sub is_available_username ($;$) {
 sub login_to_id ($) {
    my ($login) = (@_);
    my $dbh = Bugzilla->dbh;
+    # $login will only be used by the following SELECT statement, so it's safe.
+    trick_taint($login);
    my $user_id = $dbh->selectrow_array(
        "SELECT userid FROM profiles WHERE login_name = ?", undef, $login);
-    # $user_id should be a positive integer, this makes Taint mode happy
-    if (defined $user_id && detaint_natural($user_id)) {
+    if ($user_id) {
        return $user_id;
    } else {
        return 0;