diff options
| author | wurblzap%gmail.com <> | 2006-10-21 03:52:24 +0200 |
|---|---|---|
| committer | wurblzap%gmail.com <> | 2006-10-21 03:52:24 +0200 |
| commit | ea2d2a47281ac947297587c2619df190bf3c23c4 (patch) | |
| tree | 61367f4bdb2fa5d419a0aedd29e675b5801c3d83 /Bugzilla/User.pm | |
| parent | c2f38f17cfa3aad8a13ee6eb02944b52d9e79037 (diff) | |
| download | bugzilla-ea2d2a47281ac947297587c2619df190bf3c23c4.tar.gz bugzilla-ea2d2a47281ac947297587c2619df190bf3c23c4.tar.xz | |
Bug 340538: Insecure dependency in exec while running with -T switch at /usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16.
Patch by Marc Schumann <wurblzap@gmail.com>,
r=LpSolit, a=myk
Diffstat (limited to 'Bugzilla/User.pm')
| -rw-r--r-- | Bugzilla/User.pm | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm index 02f17b85d..33c8535f5 100644 --- a/Bugzilla/User.pm +++ b/Bugzilla/User.pm @@ -1490,7 +1490,8 @@ sub is_available_username { sub login_to_id { my ($login, $throw_error) = @_; my $dbh = Bugzilla->dbh; - # $login will only be used by the following SELECT statement, so it's safe. + # No need to validate $login -- it will be used by the following SELECT + # statement only, so it's safe to simply trick_taint. trick_taint($login); my $user_id = $dbh->selectrow_array("SELECT userid FROM profiles WHERE " . $dbh->sql_istrcmp('login_name', '?'), @@ -1525,6 +1526,8 @@ sub validate_password { } elsif ((defined $matchpassword) && ($password ne $matchpassword)) { ThrowUserError('passwords_dont_match'); } + # Having done these checks makes us consider the password untainted. + trick_taint($_[0]); return 1; } @@ -1966,6 +1969,7 @@ we return an empty string. Returns true if a password is valid (i.e. meets Bugzilla's requirements for length and content), else returns false. +Untaints C<$passwd1> if successful. If a second password is passed in, this function also verifies that the two passwords match. |