summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjocuri%softhome.net <>2003-10-19 07:46:22 +0200
committerjocuri%softhome.net <>2003-10-19 07:46:22 +0200
commit1fb505eb4677ff52a7e03e75996812d687df8ff5 (patch)
tree9e8e013aa4ae5e3a43bb3c95a925087bfd611659
parentf297526924af890364685b94ab20c04a253c82a6 (diff)
downloadbugzilla-1fb505eb4677ff52a7e03e75996812d687df8ff5.tar.gz
bugzilla-1fb505eb4677ff52a7e03e75996812d687df8ff5.tar.xz
Bug 221977: Insecure dependency in require while running with -T switch at Bugzilla/Auth.pm; patch by Dave Miller (justdave@bugzilla.org); r=gerv; a=justdave.
-rw-r--r--Bugzilla/Auth.pm6
1 files changed, 6 insertions, 0 deletions
diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm
index 902ae0f05..21d440960 100644
--- a/Bugzilla/Auth.pm
+++ b/Bugzilla/Auth.pm
@@ -29,6 +29,12 @@ use Bugzilla::Constants;
# 'inherit' from the main loginmethod
BEGIN {
my $loginmethod = Param("loginmethod");
+ if ($loginmethod =~ /^([A-Za-z0-9_\.\-]+)$/) {
+ $loginmethod = $1;
+ }
+ else {
+ die "Badly-named loginmethod '$loginmethod'";
+ }
require "Bugzilla/Auth/" . $loginmethod . ".pm";
our @ISA;