diff options
| author | Manish Goregaokar <manishearth@gmail.com> | 2014-04-17 18:27:05 +0200 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2014-04-17 18:27:05 +0200 |
| commit | 58b92d3b0245f6565a7ff34e78fce1e9ec56b355 (patch) | |
| tree | 5b66f0684021f72559184c04a0a4f8294f863582 /Bugzilla/Template.pm | |
| parent | 0e390970ba51b14a5dc780be7c6f0d6d7baa67e3 (diff) | |
| download | bugzilla-58b92d3b0245f6565a7ff34e78fce1e9ec56b355.tar.gz bugzilla-58b92d3b0245f6565a7ff34e78fce1e9ec56b355.tar.xz | |
Bug 968576: [SECURITY] Dangerous control characters allowed in Bugzilla text
r=glob a=justdave
Diffstat (limited to 'Bugzilla/Template.pm')
| -rw-r--r-- | Bugzilla/Template.pm | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm index 56d31dd2d..6f7900054 100644 --- a/Bugzilla/Template.pm +++ b/Bugzilla/Template.pm @@ -678,6 +678,18 @@ sub create { my ($data) = @_; return encode_base64($data); }, + + # Strips out control characters excepting whitespace + strip_control_chars => sub { + my ($data) = @_; + state $use_utf8 = Bugzilla->params->{'utf8'}; + # Only run for utf8 to avoid issues with other multibyte encodings + # that may be reassigning meaning to ascii characters. + if ($use_utf8) { + $data =~ s/(?![\t\r\n])[[:cntrl:]]//g; + } + return $data; + }, # HTML collapses newlines in element attributes to a single space, # so form elements which may have whitespace (ie comments) need |