Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to…

Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to non-random multipart/x-mixed-replace boundary r=mkanat a=LpSolit

Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to…
3f3cc3c9 · Byron Jones · Frédéric Buclin · c793bb32 · 3f3cc3c9
Commit 3f3cc3c9 authored Nov 03, 2010 by Byron Jones Committed by Frédéric Buclin Nov 03, 2010
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

CGI.pm Bugzilla/CGI.pm +2 -1

No files found.
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -213,7 +213,8 @@ sub multipart_init {
    }

    # Set the MIME boundary and content-type
-    my $boundary = $param{'-boundary'} || '------- =_aaaaaaaaaa0';
+    my $boundary = $param{'-boundary'}
+        || '------- =_' . generate_random_password(16);
    delete $param{'-boundary'};
    $self->{'separator'} = "\r\n--$boundary\r\n";
    $self->{'final_separator'} = "\r\n--$boundary--\r\n";