summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGervase Markham <gerv@mozilla.org>2015-01-21 20:49:57 +0100
committerDavid Lawrence <dkl@mozilla.com>2015-01-21 20:49:57 +0100
commit4dabf1a9c679f06b3637d3c76e1e05aa83a6d259 (patch)
tree93ec377d81b16ad7caccc28c4954048358aa431b
parent367d9c2f6efd2cc53b773f0c1cc9e19a8d82c5be (diff)
downloadbugzilla-4dabf1a9c679f06b3637d3c76e1e05aa83a6d259.tar.gz
bugzilla-4dabf1a9c679f06b3637d3c76e1e05aa83a6d259.tar.xz
Bug 1079065: [SECURITY] Always use the 3 arguments form for open() to prevent shell code injection
r=dylan,a=simon
-rw-r--r--Bugzilla/Attachment.pm4
-rw-r--r--Bugzilla/Error.pm2
-rw-r--r--Bugzilla/Install/CPAN.pm4
-rw-r--r--Bugzilla/Install/Filesystem.pm2
-rwxr-xr-xcollectstats.pl2
-rwxr-xr-xreports.cgi2
-rwxr-xr-xsearch_plugin.cgi2
-rwxr-xr-xshowdependencygraph.cgi6
-rwxr-xr-xtestserver.pl6
9 files changed, 15 insertions, 15 deletions
diff --git a/Bugzilla/Attachment.pm b/Bugzilla/Attachment.pm
index e165b139e..ed770ad89 100644
--- a/Bugzilla/Attachment.pm
+++ b/Bugzilla/Attachment.pm
@@ -333,7 +333,7 @@ sub data {
# If there's no attachment data in the database, the attachment is stored
# in a local file, so retrieve it from there.
if (length($self->{data}) == 0) {
- if (open(AH, $self->_get_local_filename())) {
+ if (open(AH, '<', $self->_get_local_filename())) {
# file is actually on disk.
$self->{is_on_filesystem} = 1;
local $/;
@@ -412,7 +412,7 @@ sub datasize {
# is stored in a local file, and so retrieve its size from the file,
# or the attachment has been deleted.
unless ($self->{datasize}) {
- if (open(AH, $self->_get_local_filename())) {
+ if (open(AH, '<', $self->_get_local_filename())) {
# file is actually on disk.
$self->{is_on_filesystem} = 1;
binmode AH;
diff --git a/Bugzilla/Error.pm b/Bugzilla/Error.pm
index 05a7ce7b3..ef6320d15 100644
--- a/Bugzilla/Error.pm
+++ b/Bugzilla/Error.pm
@@ -74,7 +74,7 @@ sub _throw_error {
$val = "*****" if $val =~ /password|http_pass/i;
$mesg .= "[$$] " . Data::Dumper->Dump([$val],["env($var)"]);
}
- open(ERRORLOGFID, ">>$datadir/errorlog");
+ open(ERRORLOGFID, ">>", "$datadir/errorlog");
print ERRORLOGFID "$mesg\n";
close ERRORLOGFID;
}
diff --git a/Bugzilla/Install/CPAN.pm b/Bugzilla/Install/CPAN.pm
index 19f143190..094784e1a 100644
--- a/Bugzilla/Install/CPAN.pm
+++ b/Bugzilla/Install/CPAN.pm
@@ -196,8 +196,8 @@ sub set_cpan_config {
# Calling a senseless autoload that does nothing makes us
# automatically load any existing configuration.
# We want to avoid the "invalid command" message.
- open(my $saveout, ">&STDOUT");
- open(STDOUT, '>/dev/null');
+ open(my $saveout, ">&", "STDOUT");
+ open(STDOUT, '>', '/dev/null');
eval { CPAN->ignore_this_error_message_from_bugzilla; };
undef $@;
close(STDOUT);
diff --git a/Bugzilla/Install/Filesystem.pm b/Bugzilla/Install/Filesystem.pm
index 2120cbc57..64b651c62 100644
--- a/Bugzilla/Install/Filesystem.pm
+++ b/Bugzilla/Install/Filesystem.pm
@@ -634,7 +634,7 @@ sub _update_old_charts {
($in_file =~ /\.orig$/i));
rename("$in_file", "$in_file.orig") or next;
- open(IN, "$in_file.orig") or next;
+ open(IN, "<", "$in_file.orig") or next;
open(OUT, '>', $in_file) or next;
# Fields in the header
diff --git a/collectstats.pl b/collectstats.pl
index 3473c9e71..339e428bc 100755
--- a/collectstats.pl
+++ b/collectstats.pl
@@ -309,7 +309,7 @@ sub regenerate_stats {
return;
}
- if (open DATA, ">$file") {
+ if (open DATA, ">", $file) {
my $fields = join('|', ('DATE', @statuses, @resolutions));
my $product_name = $product->name;
print DATA <<FIN;
diff --git a/reports.cgi b/reports.cgi
index cdc9d4a87..89dee1c9a 100755
--- a/reports.cgi
+++ b/reports.cgi
@@ -138,7 +138,7 @@ sub generate_chart {
my ($dir, $image_file, $product, $datasets) = @_;
my $data_file = $dir . '/' . $product->id;
- if (! open FILE, $data_file) {
+ if (!open(FILE, '<', $data_file)) {
ThrowCodeError('chart_data_not_generated', {'product' => $product});
}
diff --git a/search_plugin.cgi b/search_plugin.cgi
index 7de8bed5f..0b628f32e 100755
--- a/search_plugin.cgi
+++ b/search_plugin.cgi
@@ -27,7 +27,7 @@ print $cgi->header('application/xml');
# Get the contents of favicon.ico
my $filename = bz_locations()->{'libpath'} . "/images/favicon.ico";
-if (open(IN, $filename)) {
+if (open(IN, '<', $filename)) {
local $/;
binmode IN;
$vars->{'favicon'} = <IN>;
diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi
index 528b9cd61..d93c1c875 100755
--- a/showdependencygraph.cgi
+++ b/showdependencygraph.cgi
@@ -49,7 +49,7 @@ sub CreateImagemap {
my $map = "<map name=\"imagemap\">\n";
my $default = "";
- open MAP, "<$mapfilename";
+ open MAP, "<", $mapfilename;
while(my $line = <MAP>) {
if($line =~ /^default ([^ ]*)(.*)$/) {
$default = qq{<area alt="" shape="default" href="$1">\n};
@@ -258,7 +258,7 @@ if ($webdotbase =~ /^https?:/) {
error => $! });
binmode $pngfh;
- open(DOT, "\"$webdotbase\" -Tpng $filename|");
+ open(DOT, '-|', "\"$webdotbase\" -Tpng $filename");
binmode DOT;
print $pngfh $_ while <DOT>;
close DOT;
@@ -287,7 +287,7 @@ if ($webdotbase =~ /^https?:/) {
error => $! });
binmode $mapfh;
- open(DOT, "\"$webdotbase\" -Tismap $filename|");
+ open(DOT, '-|', "\"$webdotbase\" -Tismap $filename");
binmode DOT;
print $mapfh $_ while <DOT>;
close DOT;
diff --git a/testserver.pl b/testserver.pl
index 2ab48f375..d827c80ea 100755
--- a/testserver.pl
+++ b/testserver.pl
@@ -40,7 +40,7 @@ my @pscmds = ('ps -eo comm,gid', 'ps -acxo command,gid', 'ps -acxo command,rgid'
my $sgid = 0;
if (!ON_WINDOWS) {
foreach my $pscmd (@pscmds) {
- open PH, "$pscmd 2>/dev/null |";
+ open PH, '-|', "$pscmd 2>/dev/null";
while (my $line = <PH>) {
if ($line =~ /^(?:\S*\/)?(?:httpd|apache?)2?\s+(\d+)$/) {
$sgid = $1 if $1 > $sgid;
@@ -267,7 +267,7 @@ sub check_image {
sub create_file {
my ($filename, $content) = @_;
- open(FH, ">$filename")
+ open(FH, ">", $filename)
or die "Failed to create $filename: $!\n";
binmode FH;
print FH $content;
@@ -276,7 +276,7 @@ sub create_file {
sub read_file {
my ($filename) = @_;
- open(FH, $filename)
+ open(FH, '<', $filename)
or die "Failed to open $filename: $!\n";
binmode FH;
my $content = <FH>;