Commit 30f965e0 authored by lpsolit%gmail.com's avatar lpsolit%gmail.com

Bug 300831: editwhines.cgi twice uses $1 without checking for regex match -…

Bug 300831: editwhines.cgi twice uses $1 without checking for regex match - Patch by A. Karl Kornel <karl@kornel.name> r=joel a=myk
parent 7e7134c7
...@@ -236,19 +236,26 @@ if ($cgi->param('update')) { ...@@ -236,19 +236,26 @@ if ($cgi->param('update')) {
if ($mailto_type == MAILTO_USER) { if ($mailto_type == MAILTO_USER) {
# detaint # detaint
my $emailregexp = Param('emailregexp'); my $emailregexp = Param('emailregexp');
$mailto =~ /($emailregexp)/; if ($mailto =~ /($emailregexp)/) {
$mailto =~ $1; $mailto_id = login_to_id($1);
$mailto_id = login_to_id($mailto); }
else {
ThrowUserError("illegal_email_address",
{ addr => $mailto });
}
} }
elsif ($mailto_type == MAILTO_GROUP) { elsif ($mailto_type == MAILTO_GROUP) {
# detaint the group parameter # detaint the group parameter
$mailto =~ /^([0-9a-z_\-\.]+)/i; if ($mailto =~ /^([0-9a-z_\-\.]+)$/i) {
my $group = $1; $mailto_id = Bugzilla::Group::ValidateGroupName(
$1, ($user)) ||
$mailto_id = Bugzilla::Group::ValidateGroupName( ThrowUserError(
$group, ($user)); 'invalid_group_name',
$mailto_id || ThrowUserError( { name => $1 });
'invalid_group_name', {name => $group}); } else {
ThrowUserError('invalid_group_name',
{ name => $mailto });
}
} }
else { else {
# bad value, so it will just mail to the whine # bad value, so it will just mail to the whine
......