Commit 4e6767d4 authored Jan 20, 2002 by justdave%syndicomm.com
Fix for bug 108982: enable taint mode for all user-facing CGI files.
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
parent 72f340e3
Showing 40 changed files with 206 additions and 71 deletions
Attachment.pm  +0 -1
Bug.pm  +5 -4
Bugzilla/Attachment.pm  +0 -1
Bugzilla/Bug.pm  +5 -4
Bugzilla/Token.pm  +0 -1
CGI.pl  +13 -6
Token.pm  +0 -1
attachment.cgi  +5 -3
buglist.cgi  +18 -2
bugzilla.dtd  +1 -1
changepassword.cgi  +1 -1
colchange.cgi  +3 -1
createaccount.cgi  +3 -1
createattachment.cgi  +3 -1
describecomponents.cgi  +3 -1
describekeywords.cgi  +3 -1
doeditparams.cgi  +3 -1
doeditvotes.cgi  +4 -5
duplicates.cgi  +4 -1
enter_bug.cgi  +3 -1
globals.pl  +19 -0
long_list.cgi  +3 -1
move.pl  +4 -1
new_comment.cgi  +1 -1
post_bug.cgi  +3 -1
process_bug.cgi  +22 -10
queryhelp.cgi  +3 -1
quips.cgi  +3 -1
relogin.cgi  +3 -1
reports.cgi  +3 -1
sanitycheck.cgi  +3 -1
show_activity.cgi  +3 -1
show_bug.cgi  +3 -1
showattachment.cgi  +4 -2
showdependencygraph.cgi  +7 -1
showvotes.cgi  +4 -2
t/002goodperl.t  +30 -3
token.cgi  +3 -1
userprefs.cgi  +3 -1
xml.cgi  +5 -2
Attachment.pm
#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
Bug.pm
#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -75,10 +74,12 @@ sub initBug {
my
$self
=
shift
();
my
(
$bug_id
,
$user_id
)
=
(
@_
);
if
(
(
!
defined
$bug_id
)
||
(
!
$bug_id
)
)
{
my
$old_bug_id
=
$bug_id
;
if
(
(
!
defined
$bug_id
)
||
(
!
$bug_id
)
||
(
!&::
detaint_natural
(
$bug_id
))
)
{
# no bug number given
return
{};
$self
->
{
'bug_id'
}
=
$old_bug_id
;
$self
->
{
'error'
}
=
"InvalidBugId"
;
return
$self
;
}
# default userid 0, or get DBID if you used an email address
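Review bot: on the new error path the value saved in `$old_bug_id` is written back into `$self->{'bug_id'}` even though it has just failed `detaint_natural`, so a Bug object whose `error` is `InvalidBugId` carries an unvalidated and still-tainted bug_id. Keeping it so the caller can report which ID was rejected is reasonable, but every consumer that renders the object (the XML output implied by the new `InvalidBugId` DTD value) must escape that field as untrusted text, and nothing may interpolate it into `SendSQL`. Add a comment on the `$self->{'bug_id'} = $old_bug_id;` line stating that `bug_id` is untrusted whenever `error` is set, or store only a flag and keep the raw input out of the object.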
...
...
Bugzilla/Attachment.pm
#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
Bugzilla/Bug.pm
#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -75,10 +74,12 @@ sub initBug {
my
$self
=
shift
();
my
(
$bug_id
,
$user_id
)
=
(
@_
);
if
(
(
!
defined
$bug_id
)
||
(
!
$bug_id
)
)
{
my
$old_bug_id
=
$bug_id
;
if
(
(
!
defined
$bug_id
)
||
(
!
$bug_id
)
||
(
!&::
detaint_natural
(
$bug_id
))
)
{
# no bug number given
return
{};
$self
->
{
'bug_id'
}
=
$old_bug_id
;
$self
->
{
'error'
}
=
"InvalidBugId"
;
return
$self
;
}
# default userid 0, or get DBID if you used an email address
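Review bot: this hunk is the same change as the one in Bug.pm above, and the same caveat applies: `$self->{'bug_id'} = $old_bug_id;` stores a value that failed `detaint_natural`, so consumers must treat `bug_id` as untrusted output whenever `error` is `InvalidBugId`. Carrying two copies of the module means every fix like this has to land twice; a follow-up to remove one copy would reduce that risk.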
...
...
Bugzilla/Token.pm
#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
CGI.pl
...
...
@@ -93,6 +93,9 @@ sub url_quote {
sub
ParseUrlString
{
# We don't want to detaint the user supplied data...
use
re
'taint'
;
my
(
$buffer
,
$f
,
$m
)
=
(
@_
);
undef
%
$f
;
undef
%
$m
;
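Review bot: the comment above `use re 'taint';` should say what the pragma actually changes. It is lexically scoped to this sub, and without it the `$1`/`$2` captures that split each `name=value` pair would come out untainted even though `$buffer` is tainted, which would silently defeat -T for every form field parsed here. Stating that keeps a later cleanup from treating the line as a no-op and removing it.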
...
...
@@ -118,6 +121,7 @@ sub ParseUrlString {
$name
=
$item
;
$value
=
""
;
}
if
(
$value
ne
""
)
{
if
(
defined
$f
->
{
$name
})
{
$f
->
{
$name
}
.=
$value
;
...
...
@@ -141,7 +145,6 @@ sub ParseUrlString {
}
}
sub
ProcessFormFields
{
my
(
$buffer
)
=
(
@_
);
return
ParseUrlString
(
$buffer
,
\%::
FORM
,
\%::
MFORM
);
...
...
@@ -259,18 +262,18 @@ sub ValidateBugID {
# Validates and verifies a bug ID, making sure the number is a
# positive integer, that it represents an existing bug in the
# database, and that the user is authorized to access that bug.
# We detaint the number here, too
my
(
$id
)
=
@_
;
# Make sure the bug number is a positive integer.
# Whitespace can be ignored because the SQL server will ignore it.
$id
=~
/^\s*([1-9][0-9]*)\s*$/
$_
[
0
]
=
trim
(
$_
[
0
]);
# Allow whitespace arround the number
detaint_natural
(
$_
[
0
])
||
DisplayError
(
"The bug number is invalid. If you are trying to use "
.
"QuickSearch, you need to enable JavaScript in your "
.
"browser. To help us fix this limitation, look "
.
"<a href=\"http://bugzilla.mozilla.org/show_bug.cgi?id=70907\">here</a>."
)
&&
exit
;
my
(
$id
)
=
@_
;
# Get the values of the usergroupset and userid global variables
# and write them to local variables for use within this function,
# setting those local variables to the default value of zero if
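Review bot: `$_[0] = trim($_[0]);` and `detaint_natural($_[0])` write through the alias to the caller's variable, so `ValidateBugID($::FORM{'id'})` now detaints the form field in place, which is what the process_bug.cgi callers rely on. That side effect deserves a sentence in the header comment (it currently says only "We detaint the number here, too"), and callers must not pass a read-only value such as `$1` or a literal, or Perl dies with "Modification of a read-only value attempted". The old check `/^\s*([1-9][0-9]*)\s*$/` rejected 0 and leading zeros; confirm `detaint_natural` (defined in globals.pl, not visible in this hunk) still does, or the later existence lookup must handle those inputs. Also "arround" in the inline comment should be "around".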
...
...
@@ -685,6 +688,8 @@ sub quietly_check_login() {
$::COOKIE
{
"Bugzilla_login"
}
=
$loginname
;
# Makes sure case
# is in
# canonical form.
# We've just verified that this is ok
detaint_natural
(
$::COOKIE
{
"Bugzilla_logincookie"
});
}
else
{
$::disabledreason
=
$disabledtext
;
}
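Review bot: the return value of `detaint_natural($::COOKIE{"Bugzilla_logincookie"})` is discarded. The comment says the value was verified just above, but if that assumption ever stops holding the cookie stays tainted and the failure surfaces later as an unrelated taint death inside `SendSQL`. Prefer `detaint_natural(...) || die "logincookie not numeric after verification";` so the invariant is asserted where it is assumed.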
...
...
@@ -1430,6 +1435,8 @@ if (defined $ENV{"REQUEST_METHOD"}) {
if
(
defined
$ENV
{
"HTTP_COOKIE"
})
{
# Don't trust anything which came in as a cookie
use
re
'taint'
;
foreach
my
$pair
(
split
(
/;/
,
$ENV
{
"HTTP_COOKIE"
}))
{
$pair
=
trim
(
$pair
);
if
(
$pair
=~
/^([^=]*)=(.*)$/
)
{
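Review bot: `use re 'taint';` here is scoped to the enclosing `if (defined $ENV{"HTTP_COOKIE"})` block, which is what keeps `$1` and `$2` from `/^([^=]*)=(.*)$/` tainted when they become cookie names and values; the comment "Don't trust anything which came in as a cookie" would be clearer if it named that mechanism. This is also the hunk that makes the `detaint_natural` call in `quietly_check_login` necessary rather than cosmetic, so the two should be cross-referenced in comments.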
...
...
Token.pm
#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
attachment.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -29,6 +29,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
# Include the Bugzilla CGI and general utility library.
require
"CGI.pl"
;
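Review bot: `use lib qw(.);` is added to every CGI in this patch without a comment explaining it. One line, here or in CGI.pl, should record the reason (taint mode ignores PERL5LIB and PERLLIB, so if that is the motivation the include path has to be set in the source), otherwise the next cleanup pass will see it as redundant with `require "CGI.pl";` and remove it.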
...
...
@@ -139,10 +141,10 @@ exit;
sub
validateID
{
# Validate the value of the "id" form field, which must contain a
positive
# Validate the value of the "id" form field, which must contain a
n
# integer that is the ID of an existing attachment.
$::FORM
{
'id'
}
=~
/^[1-9][0-9]*$/
detaint_natural
(
$::FORM
{
'id'
})
||
DisplayError
(
"You did not enter a valid attachment number."
)
&&
exit
;
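Review bot: the comment was changed from "a positive integer" to "an integer" at the same time the check went from `/^[1-9][0-9]*$/` to `detaint_natural($::FORM{'id'})`, so either `detaint_natural` now accepts 0 (and the later attachment lookup must cope with a non-existent ID 0) or the comment is now looser than the code. Pin the contract down: document what `detaint_natural` accepts, and if the attachment ID must be positive keep that word and add an explicit `> 0` test after detainting.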
...
...
buglist.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -26,6 +26,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
use
Date::
Parse
;
...
...
@@ -783,6 +785,11 @@ sub GenerateSQL {
die
"Internal error: $errstr"
if
$chart
<
0
;
return
Error
(
$errstr
);
}
# This is either from the internal chart (in which case we
# already know about it), or it was in %chartfields, so it is
# a valid field name, which means that its ok.
trick_taint
(
$f
);
$q
=
SqlQuote
(
$v
);
my
$func
;
$term
=
undef
;
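Review bot: the justification for `trick_taint($f);` lives only in a comment, while the allow-list check it depends on (`%chartfields` membership, or the internal chart) sits outside this hunk, so the untaint and its precondition can drift apart in later edits. Assert the precondition on the line before the untaint rather than describing it, and "its ok" should read "it's OK".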
...
...
@@ -1067,7 +1074,15 @@ my @fields = ("bugs.bug_id", "bugs.groupset");
foreach
my
$c
(
@collist
)
{
if
(
exists
$::needquote
{
$c
})
{
push
(
@fields
,
"$::key{$c}"
);
# The value we are actually using is $::key{$c}, which was created
# using the DefCol() function earlier. We test for the existance
# of $::needsquote{$c} to find out if $c is a legitimate key in the
# hashes that were defined by DefCol(). If $::needsquote{$c} exists,
# then $c is valid and we can use it to look up our key.
# If it doesn't exist, then we know the user is screwing with us
# and we'll just skip it.
trick_taint
(
$c
);
push
(
@fields
,
$::key
{
$c
});
}
}
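Review bot: the comment refers to `$::needsquote{$c}` three times but the code tests `exists $::needquote{$c}`; a reader auditing the allow-list will look for the wrong hash. "existance" should also be "existence". The logic itself has the right shape: membership in a server-defined hash is checked before `trick_taint($c);`, and only the looked-up `$::key{$c}` reaches the SQL.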
...
...
@@ -1142,6 +1157,7 @@ if (defined $::FORM{'order'} && $::FORM{'order'} ne "") {
}
die
"Invalid order: $::FORM{'order'}"
unless
$::FORM
{
'order'
}
=~
/^([a-zA-Z0-9_., ]+)$/
;
$::FORM
{
'order'
}
=
$1
;
# detaint this, since we've checked it
# Extra special disgusting hack: if we are ordering by target_milestone,
# change it to order by the sortkey of the target_milestone first.
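Review bot: `$::FORM{'order'} = $1;` detaints by character class (`[a-zA-Z0-9_., ]+`) rather than by checking each comma-separated item against the column tables that `%::key` and `%::needquote` provide a few hunks up. The class excludes quote and comment characters, so this is defensible, but since the value is interpolated into ORDER BY the comment should say why the class alone is considered sufficient, or each item should be validated against the column list for defence in depth.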
...
...
bugzilla.dtd
...
...
@@ -8,7 +8,7 @@ priority, version, rep_platform, assigned_to, delta_ts, component,
reporter, target_milestone?, bug_severity, creation_ts, qa_contact?,
status_whiteboard?, op_sys, short_desc?, keywords*, dependson*,
blocks*, cc*, long_desc?, attachment*)>
<!ATTLIST bug error (NotFound|NotPermitted) #IMPLIED>
<!ATTLIST bug error (NotFound|NotPermitted
|InvalidBugId
) #IMPLIED>
<!ELEMENT bug_id (#PCDATA)>
<!ELEMENT short_desc (#PCDATA)>
<!ELEMENT bug_status (#PCDATA)>
...
...
changepassword.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
colchange.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -23,6 +23,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
sub
sillyness
{
# shut up "used only once" warnings
my
$zz
=
@::legal_keywords
;
}
...
...
createaccount.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -26,6 +26,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
# Shut up misguided -w warnings about "used only once":
...
...
createattachment.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -24,6 +24,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
use
vars
%::
COOKIE
,
%::
FILENAME
;
...
...
describecomponents.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -25,6 +25,8 @@ use vars %::FORM;
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
ConnectToDatabase
();
...
...
describekeywords.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -23,6 +23,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
ConnectToDatabase
();
...
...
doeditparams.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -23,6 +23,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
require
"defparams.pl"
;
...
...
doeditvotes.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -24,6 +24,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
ConnectToDatabase
();
...
...
@@ -67,9 +69,6 @@ if (0 == @buglist) {
# minus sign).
foreach
my
$id
(
@buglist
)
{
ValidateBugID
(
$id
);
(
$::FORM
{
$id
}
=~
/^\d+$/
)
||
DisplayError
(
"Only use non-negative numbers for your bug votes."
)
&&
exit
;
}
######################################################################
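Review bot: removing the `($::FORM{$id} =~ /^\d+$/) || DisplayError(...)` check changes user-visible behaviour. A non-numeric vote count used to stop the request with "Only use non-negative numbers for your bug votes"; with the replacement in the `@@ -144,7 +143,7 @@` hunk (`detaint_natural($::FORM{$id}) && $::FORM{$id} > 0`) such an entry is silently skipped after `delete from votes where who = $who` has already run, so the user's existing votes on that bug are dropped with no message. Either keep an up-front validation pass before the delete or report the skipped entries.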
...
...
@@ -144,7 +143,7 @@ while (MoreSQLData()) {
}
SendSQL
(
"delete from votes where who = $who"
);
foreach
my
$id
(
@buglist
)
{
if
(
$::FORM
{
$id
}
>
0
)
{
if
(
detaint_natural
(
$::FORM
{
$id
})
&&
$::FORM
{
$id
}
>
0
)
{
SendSQL
(
"insert into votes (who, bug_id, count) values ($who, $id, $::FORM{$id})"
);
}
$affected
{
$id
}
=
1
;
...
...
duplicates.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -27,6 +27,9 @@ use diagnostics;
use
strict
;
use
CGI
"param"
;
use
AnyDBM_File
;
use
lib
qw(.)
;
require
"globals.pl"
;
require
"CGI.pl"
;
...
...
enter_bug.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -35,6 +35,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
# Shut up misguided -w warnings about "used only once". "use vars" just
...
...
globals.pl
...
...
@@ -194,8 +194,27 @@ sub SqlLog {
}
}
# This is from the perlsec page, slightly modifed to remove a warning
# From that page:
# This function makes use of the fact that the presence of
# tainted data anywhere within an expression renders the
# entire expression tainted.
# Don't ask me how it works...
sub
is_tainted
{
return
not
eval
{
my
$foo
=
join
(
''
,
@_
),
kill
0
;
1
;
};
}
sub
SendSQL
{
my
(
$str
,
$dontshadow
)
=
(
@_
);
# Don't use DBI's taint stuff yet, because:
# a) We don't want out vars to be tainted (yet)
# b) We want to know who called SendSQL...
# Is there a better way to do b?
if
(
is_tainted
(
$str
))
{
die
"Attempted to send tainted string to the database"
;
}
my
$iswrite
=
(
$str
=~
/^(INSERT|REPLACE|UPDATE|DELETE)/i
);
if
(
$iswrite
&&
!
$::dbwritesallowed
)
{
die
"Evil code attempted to write stuff to the shadow database."
;
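Review bot: the `is_tainted` comment ("Don't ask me how it works...") should be replaced with the actual mechanism so a later maintainer does not simplify it away: under -T `kill` refuses tainted arguments, and Perl treats an expression as tainted if any value touched within it is tainted, so `kill 0` (which signals no process) dies inside the eval exactly when the joined `@_` is tainted; "modifed" should also be "modified". In `SendSQL`, point (b) of the comment says the reason for checking here is to know who called it, yet the `die "Attempted to send tainted string to the database"` carries no caller information; use `Carp::confess` or append `caller()` so the log names the CGI and line that built the tainted query.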
...
...
long_list.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -24,6 +24,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
# Shut up misguided -w warnings about "used only once". "use vars" just
...
...
move.pl
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -23,6 +23,9 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
use
Bug
;
require
"CGI.pl"
;
$::lockcount
=
0
;
...
...
new_comment.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
post_bug.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -25,6 +25,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
# Shut up misguided -w warnings about "used only once". For some reason,
...
...
process_bug.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -29,6 +29,8 @@ use strict;
my
$UserInEditGroupSet
=
-
1
;
my
$UserInCanConfirmGroupSet
=
-
1
;
use
lib
qw(.)
;
require
"CGI.pl"
;
use
RelationSet
;
...
...
@@ -42,6 +44,7 @@ use vars %::versions,
%::
legal_opsys
,
%::
legal_platform
,
%::
legal_priority
,
%::
settable_resolution
,
%::
target_milestone
,
%::
legal_severity
,
%::
superusergroupset
;
...
...
@@ -58,13 +61,18 @@ my $requiremilestone = 0;
# This list will either consist of a single bug number from the "id"
# form/URL field or a series of numbers from multiple form/URL fields
# named "id_x" where "x" is the bug number.
# For each bug being modified, make sure its ID is a valid bug number
# representing an existing bug that the user is authorized to access.
my
@idlist
;
if
(
defined
$::FORM
{
'id'
})
{
ValidateBugID
(
$::FORM
{
'id'
});
push
@idlist
,
$::FORM
{
'id'
};
}
else
{
foreach
my
$i
(
keys
%::
FORM
)
{
if
(
$i
=~
/^id_([1-9][0-9]*)/
)
{
push
@idlist
,
$1
;
my
$id
=
$1
;
ValidateBugID
(
$id
);
push
@idlist
,
$id
;
}
}
}
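Review bot: `$1` is copied into `my $id` before `ValidateBugID($id);` because `ValidateBugID` now assigns to `$_[0]` and `$1` is read-only. That is correct but non-obvious, so a one-line comment would stop someone from collapsing it back to `ValidateBugID($1)`. The pre-existing `/^id_([1-9][0-9]*)/` has no `$` anchor, so a key with trailing characters after the digits is still accepted and yields the numeric prefix; anchoring the pattern would make the form-field allow-list tighter.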
...
...
@@ -74,12 +82,6 @@ scalar(@idlist)
||
DisplayError
(
"You did not select any bugs to modify."
)
&&
exit
;
# For each bug being modified, make sure its ID is a valid bug number
# representing an existing bug that the user is authorized to access.
foreach
my
$id
(
@idlist
)
{
ValidateBugID
(
$id
);
}
# If we are duping bugs, let's also make sure that we can change
# the original. This takes care of issue A on bug 96085.
if
(
defined
$::FORM
{
'dup_id'
}
&&
$::FORM
{
'knob'
}
eq
"duplicate"
)
{
...
...
@@ -538,7 +540,7 @@ sub ChangeResolution {
my
(
$str
)
=
(
@_
);
if
(
$str
ne
$::dontchange
)
{
DoComma
();
$::query
.=
"resolution =
'$str'"
;
$::query
.=
"resolution =
"
.
SqlQuote
(
$str
)
;
}
}
...
...
@@ -695,6 +697,8 @@ SWITCH: for ($::FORM{'knob'}) {
last
SWITCH
;
};
/^resolve$/
&&
CheckonComment
(
"resolve"
)
&&
do
{
# Check here, because its the only place we require the resolution
CheckFormField
(
\%::
FORM
,
'resolution'
,
\
@::settable_resolution
);
ChangeStatus
(
'RESOLVED'
);
ChangeResolution
(
$::FORM
{
'resolution'
});
last
SWITCH
;
...
...
@@ -1030,8 +1034,15 @@ The changes made were:
foreach
my
$i
(
split
(
'[\s,]+'
,
$::FORM
{
$target
}))
{
if
(
$i
eq
""
)
{
next
;
}
my
$orig
=
$i
;
if
(
!
detaint_natural
(
$i
))
{
PuntTryAgain
(
"$orig is not a legal bug number"
);
}
# Don't use CanSeeBug, since we want to keep deps to bugs a
# user can't see
SendSQL
(
"select bug_id from bugs where bug_id = "
.
SqlQuote
(
$i
));
my
$comp
=
FetchOneColumn
();
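Review bot: `$orig` preserves the user's raw token so that `PuntTryAgain("$orig is not a legal bug number")` can show it, but that string has just failed `detaint_natural` and is rendered back to the user. Make sure `PuntTryAgain` HTML-escapes its argument, or escape `$orig` here with the quoting helper used elsewhere in the CGIs, rather than relying on every caller to pass clean text.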
...
...
@@ -1049,7 +1060,8 @@ The changes made were:
my
@stack
=
@
{
$deps
{
$target
}};
while
(
@stack
)
{
my
$i
=
shift
@stack
;
SendSQL
(
"select $target from dependencies where $me = $i"
);
SendSQL
(
"select $target from dependencies where $me = "
.
SqlQuote
(
$i
));
while
(
MoreSQLData
())
{
my
$t
=
FetchOneColumn
();
if
(
$t
==
$id
)
{
...
...
queryhelp.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -27,6 +27,8 @@ use vars %::FORM;
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
ConnectToDatabase
();
...
...
quips.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -24,6 +24,8 @@ use diagnostics;
use
strict
;
use
vars
(
%::
FORM
);
use
lib
qw(.)
;
require
"CGI.pl"
;
print
"Content-type: text/html\n\n"
;
...
...
relogin.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -25,6 +25,8 @@ use strict;
use
vars
%::
COOKIE
;
use
lib
qw(.)
;
require
"CGI.pl"
;
my
$cookiepath
=
Param
(
"cookiepath"
);
...
...
reports.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -41,6 +41,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
eval
"use GD"
;
my
$use_gd
=
$@
?
0
:
1
;
eval
"use Chart::Lines"
;
...
...
sanitycheck.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -24,6 +24,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
use
vars
%::
FORM
;
...
...
show_activity.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -24,6 +24,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
ConnectToDatabase
();
...
...
show_bug.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -23,6 +23,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
ConnectToDatabase
();
...
...
showattachment.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -24,6 +24,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
if
(
!
defined
$::FORM
{
'attach_id'
})
{
...
...
@@ -43,7 +45,7 @@ ConnectToDatabase();
quietly_check_login
();
if
(
$::FORM
{
attach_id
}
!~
/^[1-9][0-9]*$/
)
{
if
(
!
detaint_natural
(
$::FORM
{
attach_id
})
)
{
DisplayError
(
"Attachment ID should be numeric."
);
exit
;
}
...
...
showdependencygraph.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -23,6 +23,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
ConnectToDatabase
();
...
...
@@ -168,6 +170,10 @@ node [URL="${urlbase}show_bug.cgi?id=\\N", style=filled, color=lightgrey]
# Cleanup any old .dot files created from previous runs.
my
$since
=
time
()
-
24
*
60
*
60
;
foreach
my
$f
(
glob
(
"data/webdot/*.dot"
))
{
# Here we are deleting all old files. All entries are from the
# data/webdot/ directory. Since we're deleting the file (not following
# symlinks), this can't escape to delete anything it shouldn't
trick_taint
(
$f
);
if
(
ModTime
(
$f
)
<
$since
)
{
unlink
$f
;
}
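Review bot: the comment justifies `trick_taint($f);` by the fixed `data/webdot/*.dot` pattern, which is the right argument, but it would be clearer to state why the value is tainted at all: it comes from the filesystem via `glob`, not from the request, so nothing user-controlled is in it. Adding an `-f $f` test next to `ModTime($f) < $since` would also skip anything matching `*.dot` that is not a regular file.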
...
...
showvotes.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -25,6 +25,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
ConnectToDatabase
();
...
...
@@ -61,7 +63,7 @@ if (defined $::FORM{'voteon'}) {
# Make sure the user ID is a positive integer representing an existing user.
if
(
defined
$::FORM
{
'user'
})
{
$::FORM
{
'user'
}
=~
/^([1-9][0-9]*)$/
detaint_natural
(
$::FORM
{
'user'
})
||
DisplayError
(
"The user number is invalid."
)
&&
exit
;
SendSQL
(
"SELECT 1 FROM profiles WHERE userid = $::FORM{'user'}"
);
...
...
t/002goodperl.t
...
...
@@ -55,13 +55,40 @@ foreach my $file (@testitems) {
}
my
$file_line1
=
<
FILE
>
;
close
(
FILE
);
$file
=~
m/.*\.(.*)/
;
my
$ext
=
$1
;
if
(
$file_line1
!~
/\/usr\/bonsaitools\/bin\/perl/
)
{
ok
(
1
,
"$file does not have a shebang"
);
}
else
{
if
(
$file_line1
=~
m
#/usr/bonsaitools/bin/perl -w#) {
ok
(
1
,
"$file uses -w"
);
my
$flags
;
if
(
$file
eq
"processmail"
)
{
# special case processmail, which is tainted checked
$flags
=
"wT"
;
}
elsif
(
!
defined
$ext
||
$ext
eq
"pl"
)
{
# standalone programs (eg syncshadowdb) aren't taint checked yet
$flags
=
"w"
;
}
elsif
(
$ext
eq
"pm"
)
{
ok
(
0
,
"$file is a module, but has a shebang"
);
next
;
}
elsif
(
$ext
eq
"cgi"
)
{
# cgi files must be taint checked, but only the user-accessible
# ones have been checked so far
if
(
$file
=~
m/^edit/
)
{
$flags
=
"w"
;
}
else
{
$flags
=
"wT"
;
}
}
else
{
ok
(
0
,
"$file has shebang but unknown extension"
);
next
;
}
if
(
$file_line1
=~
m
#/usr/bonsaitools/bin/perl -$flags#) {
ok
(
1
,
"$file uses -$flags"
);
}
else
{
ok
(
0
,
"$file is MISSING -
w
--WARNING"
);
ok
(
0
,
"$file is MISSING -
$flags
--WARNING"
);
}
}
}
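Review bot: `my $ext = $1;` after `$file =~ m/.*\.(.*)/;` is not a reliable "no extension" test, because a failed match leaves `$1` at the value of the last successful match in scope rather than undef; use `my ($ext) = $file =~ m/\.([^.]*)$/;`, which yields undef on failure. The `m#/usr/bonsaitools/bin/perl -$flags#` pattern is unanchored, so with `$flags` set to "w" a `-wT` shebang also passes; that is why move.pl (switched to `-wT` in this patch) does not trip the ".pl files aren't taint checked yet" rule, and the test would be stricter with `-$flags\s*$`. The `m/^edit/` exemption for CGIs should carry a TODO with the tracking bug so the list shrinks to zero.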
...
...
token.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -28,6 +28,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
# Include the Bugzilla CGI and general utility library.
require
"CGI.pl"
;
...
...
userprefs.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -22,6 +22,8 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
require
"CGI.pl"
;
use
RelationSet
;
...
...
xml.cgi
#!/usr/bonsaitools/bin/perl -w
#!/usr/bonsaitools/bin/perl -w
T
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
...
...
@@ -23,10 +23,13 @@
use
diagnostics
;
use
strict
;
use
lib
qw(.)
;
use
Bug
;
require
"CGI.pl"
;
if
(
!
defined
$::FORM
{
'id'
}
||
$::FORM
{
'id'
}
!~
/^\s*\d+(,\d+)*\s*$/
)
{
if
(
!
defined
$::FORM
{
'id'
}
||
!
$::FORM
{
'id'
}
)
{
print
"Content-type: text/html\n\n"
;
PutHeader
(
"Display as XML"
);
print
"<FORM METHOD=GET ACTION=\"xml.cgi\">\n"
;
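Review bot: dropping the `!~ /^\s*\d+(,\d+)*\s*$/` test means a malformed id list no longer falls back to the form; each item is instead handed to Bug.pm's `initBug`, which per its hunk returns an object with `error` set to `InvalidBugId` and the raw rejected value in `bug_id`. That is a reasonable design, but the commit message does not mention the behaviour change, and since xml.cgi serialises those objects, the XML writer must escape `bug_id` as untrusted text whenever `error` is set.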
...
...