Commit c50567b3 authored by timeless%mozdev.org's avatar timeless%mozdev.org

Bug 242405 Turning on QA contact causes taint error in Bugzilla/Series.pm when adding a component

patch by bugzilla@glob.com.au r=joel a=justdave
parent 3bbd08a2
......@@ -180,7 +180,6 @@ sub writeToDatabase {
}
else {
# Insert the new series into the series table
trick_taint($self->{'query'});
$dbh->do("INSERT INTO series (creator, category, subcategory, " .
"name, frequency, query) VALUES ($self->{'creator'}, " .
"$category_id, $subcategory_id, " .
......
......@@ -46,7 +46,7 @@ sub sillyness {
my $dobugcounts = (defined $::FORM{'dobugcounts'});
my $cgi = Bugzilla->cgi;
# TestProduct: just returns if the specified product does exists
# CheckProduct: same check, optionally emit an error text
......@@ -458,12 +458,21 @@ if ($action eq 'new') {
# For localisation reasons, we get the title of the queries from the
# submitted form.
my $open_name = $cgi->param('open_name');
my $closed_name = $cgi->param('closed_name');
my @openedstatuses = ("UNCONFIRMED", "NEW", "ASSIGNED", "REOPENED");
my $statuses = join("&", map { "bug_status=$_" } @openedstatuses);
push(@series, [$::FORM{'open_name'}, $statuses . $prodcomp]);
my $resolved = "field0-0-0=resolution&type0-0-0=notequals&value0-0-0=---";
push(@series, [$::FORM{'closed_name'}, $resolved . $prodcomp]);
my $statuses = join("&", map { "bug_status=$_" } @openedstatuses) . $prodcomp;
my $resolved = "field0-0-0=resolution&type0-0-0=notequals&value0-0-0=---" . $prodcomp;
# trick_taint is ok here, as these variables aren't used as a command
# or in SQL unquoted
trick_taint($open_name);
trick_taint($closed_name);
trick_taint($statuses);
trick_taint($resolved);
push(@series, [$open_name, $statuses]);
push(@series, [$closed_name, $resolved]);
foreach my $sdata (@series) {
my $series = new Bugzilla::Series(undef, $product, $component,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment