summaryrefslogtreecommitdiffstats
path: root/Bugzilla/Auth
diff options
context:
space:
mode:
authorReed Loden <reed@reedloden.com>2012-08-30 20:27:36 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2012-08-30 20:27:36 +0200
commit0c29bd76219ab35494f7cc202ffa071bc5006881 (patch)
treea2138ec0743b76068361cf9d55e4cd6421ca4f2f /Bugzilla/Auth
parent2d212c52ae394a18286e68ed81e7654c0fb7e3af (diff)
downloadbugzilla-0c29bd76219ab35494f7cc202ffa071bc5006881.tar.gz
bugzilla-0c29bd76219ab35494f7cc202ffa071bc5006881.tar.xz
Bug 785470: (CVE-2012-3981) [SECURITY] Missing escaping of the username can lead to LDAP injection
r/a=LpSolit
Diffstat (limited to 'Bugzilla/Auth')
-rw-r--r--Bugzilla/Auth/Verify/LDAP.pm2
1 files changed, 2 insertions, 0 deletions
diff --git a/Bugzilla/Auth/Verify/LDAP.pm b/Bugzilla/Auth/Verify/LDAP.pm
index cdc802ca0..0f10f9fbf 100644
--- a/Bugzilla/Auth/Verify/LDAP.pm
+++ b/Bugzilla/Auth/Verify/LDAP.pm
@@ -41,6 +41,7 @@ use Bugzilla::User;
use Bugzilla::Util;
use Net::LDAP;
+use Net::LDAP::Util qw(escape_filter_value);
use constant admin_can_create_account => 0;
use constant user_can_create_account => 0;
@@ -144,6 +145,7 @@ sub check_credentials {
sub _bz_search_params {
my ($username) = @_;
+ $username = escape_filter_value($username);
return (base => Bugzilla->params->{"LDAPBaseDN"},
scope => "sub",
filter => '(&(' . Bugzilla->params->{"LDAPuidattribute"}