Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment…

Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment containing newline are corrupt [r=LpSolit a=LpSolit]

Bug 657158 - (CVE-2011-2381) [SECURITY] Request email headers for attachment…
b9c01561 · Reed Loden · 1e41eccc · b9c01561 · b9c01561
Commit b9c01561 authored Aug 04, 2011 by Reed Loden
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

Template.pm Bugzilla/Template.pm +3 -0

email.txt.tmpl template/en/default/request/email.txt.tmpl +1 -1

No files found.
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -695,6 +695,9 @@ sub create {
            # as prefix. In addition it replaces a ' ' by a '_'.
            css_class_quote => \&Bugzilla::Util::css_class_quote ,
+            # Removes control characters and trims extra whitespace.
+            clean_text => \&Bugzilla::Util::clean_text ,
            quoteUrls => [ sub {
                               my ($context, $bug, $comment) = @_;
                               return sub {

--- a/template/en/default/request/email.txt.tmpl
+++ b/template/en/default/request/email.txt.tmpl
@@ -50,7 +50,7 @@ From: [% Param('mailfrom') %]
 To: [% to %]
 Subject: [% flagtype_name %] [%+ subject_status %]: [[% terms.Bug %] [%+ bug.bug_id %]] [% bug.short_desc %]
 [%- IF attachment %] :
-  [Attachment [% attachment.id %]] [% attachment.description %][% END %]
+  [Attachment [% attachment.id %]] [% attachment.description FILTER clean_text %][% END %]
 Date: [% date %]
 X-Bugzilla-Type: request
 [%+ threadingmarker %]