Bug 748095: Bugzilla crashes when the shutdownhtml parameter is set and using a non-cookie based authentication method

r=dkl a=justdave

2 files changed, 5 insertions, 6 deletions

diff --git a/Bugzilla.pm b/Bugzilla.pm
index 99fcbed46..5344c8bc6 100644
--- a/Bugzilla.pm
+++ b/Bugzilla.pm
@@ -165,10 +165,8 @@ sub init_page {
             print Bugzilla->cgi->header(-status => 503, 
                 -retry_after => SHUTDOWNHTML_RETRY_AFTER);
         }
-        my $t_output;
-        $template->process("global/message.$extension.tmpl", $vars, \$t_output)
+        $template->process("global/message.$extension.tmpl", $vars)
             || ThrowTemplateError($template->error);
-        say $t_output;
         exit;
     }
 }
diff --git a/Bugzilla/Auth/Persist/Cookie.pm b/Bugzilla/Auth/Persist/Cookie.pm
index 9681bcea2..939a1ac9c 100644
--- a/Bugzilla/Auth/Persist/Cookie.pm
+++ b/Bugzilla/Auth/Persist/Cookie.pm
@@ -108,8 +108,8 @@ sub logout {
     if ($cookie) {
         push(@login_cookies, $cookie->value);
     }
-    else {
-        push(@login_cookies, $cgi->cookie("Bugzilla_logincookie"));
+    elsif ($cookie = $cgi->cookie('Bugzilla_logincookie')) {
+        push(@login_cookies, $cookie);
     }
 
     # If we are a webservice using a token instead of cookie
@@ -118,7 +118,8 @@ sub logout {
         push(@login_cookies, $login_token->{'login_token'});
     }
 
-    return if !@login_cookies;
+    # Make sure that @login_cookies is not empty to not break SQL statements.
+    push(@login_cookies, '') unless @login_cookies;
 
     # These queries use both the cookie ID and the user ID as keys. Even
     # though we know the userid must match, we still check it in the SQL