diff options
author | Dylan William Hardison <dylan@hardison.net> | 2016-10-11 23:17:01 +0200 |
---|---|---|
committer | Dylan William Hardison <dylan@hardison.net> | 2016-10-11 23:17:01 +0200 |
commit | d9ba51c35e379110795c08ee6f7dee3acfec1a59 (patch) | |
tree | 16e9693e612da88e5ea047bf0ba11fed47ddb41c | |
parent | d328d4097f2e4f1bbbffaf913880ef11fe8b16a2 (diff) | |
download | bugzilla-d9ba51c35e379110795c08ee6f7dee3acfec1a59.tar.gz bugzilla-d9ba51c35e379110795c08ee6f7dee3acfec1a59.tar.xz |
Bug 1309278 - Cache::Memcached::Fast returns tainted data if the key is tainted
r=dkl
-rw-r--r-- | Bugzilla/Memcached.pm | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/Bugzilla/Memcached.pm b/Bugzilla/Memcached.pm index 139824679..ed32fa27b 100644 --- a/Bugzilla/Memcached.pm +++ b/Bugzilla/Memcached.pm @@ -13,6 +13,7 @@ use warnings; use Bugzilla::Error; use Scalar::Util qw(blessed); +use Bugzilla::Util qw(trick_taint); use URI::Escape; # memcached keys have a maximum length of 250 bytes @@ -219,6 +220,7 @@ sub _config_prefix { sub _encode_key { my ($self, $key) = @_; $key = $self->_global_prefix . '.' . uri_escape_utf8($key); + trick_taint($key) if defined $key; return length($self->{namespace} . $key) > MAX_KEY_LENGTH ? undef : $key; |