author | Frédéric Buclin <LpSolit@gmail.com> | 2011-08-04 22:08:32 +0200 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2011-08-04 22:08:32 +0200 |
commit | 5d70d16f37a866852e6a48ec9fefe3664a6a9a55 (patch) | |
tree | b193cb8a52a93619d408869931126777d8c82bb0 /Bugzilla/Product.pm | |
parent | b9c01561118c42514055b218f81cb82fa76dbb05 (diff) | |
Bug 653477: (CVE-2011-2380) [SECURITY] Group names can be guessed when creating or editing a bug
r=mkanat a=LpSolit
Diffstat (limited to 'Bugzilla/Product.pm')
-rw-r--r-- | Bugzilla/Product.pm | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/Bugzilla/Product.pm b/Bugzilla/Product.pm
index b9443e9e6..85524ac47 100644
--- a/Bugzilla/Product.pm
+++ b/Bugzilla/Product.pm
@@ -680,10 +680,12 @@ sub groups_mandatory {
 # if this group can be validly set by the currently-logged-in user.
 sub group_is_settable {
 my ($self, $group) = @_;
- my $group_id = blessed($group) ? $group->id : $group;
- my $is_mandatory = grep { $group_id == $_->id }
+
+ return 0 unless ($group->is_active && $group->is_bug_group);
+
+ my $is_mandatory = grep { $group->id == $_->id }
 @{ $self->groups_mandatory };
- my $is_available = grep { $group_id == $_->id }
+ my $is_available = grep { $group->id == $_->id }
 @{ $self->groups_available };
 return ($is_mandatory or $is_available) ? 1 : 0;
 }
@@ -948,7 +950,7 @@ a bug. (In fact, the user I<must> set the Mandatory group on the bug.)
 =over
-=item C<$group> - Either a numeric group id or a L<Bugzilla::Group> object.
+=item C<$group> - A L<Bugzilla::Group> object.
 =back |
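Review bot: The new first statement of `group_is_settable` calls `$group->is_active` unconditionally, so a caller that passes undef (for example a group name that did not resolve) or a plain numeric id, which the removed `blessed($group)` branch accepted, now dies instead of getting 0. If any such caller remains, that failure would probably surface differently from the ordinary "not settable" answer, which could preserve the existing-versus-nonexistent group distinction this fix is meant to close. The callers cannot be checked from here because the diff is limited to Bugzilla/Product.pm. A guard such as `return 0 unless (blessed($group) && $group->is_active && $group->is_bug_group);` keeps the answer uniform, assuming `blessed` is still imported in this file. The comment above the sub could also say that inactive and non-bug groups are never settable.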