authorjustdave%syndicomm.com <>2002-01-20 10:44:34 +0100
committerjustdave%syndicomm.com <>2002-01-20 10:44:34 +0100
commit4e6767d4c3d1b0b583f4ec076992345545294748 (patch)
tree44d10a299f4d910400fb420b38e21e769c00be7e /Bugzilla
parent72f340e3a12668c9356102c71f864afa986e001a (diff)
downloadbugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.tar.gz
bugzilla-4e6767d4c3d1b0b583f4ec076992345545294748.tar.xz
Fix for bug 108982: enable taint mode for all user-facing CGI files.
Patch by Brad Baetz <bbaetz@student.usyd.edu.au> r= jake, justdave
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Attachment.pm1
-rwxr-xr-xBugzilla/Bug.pm11
-rw-r--r--Bugzilla/Token.pm1
3 files changed, 6 insertions, 7 deletions
diff --git a/Bugzilla/Attachment.pm b/Bugzilla/Attachment.pm
index 1ba194d77..acfa52f63 100644
--- a/Bugzilla/Attachment.pm
+++ b/Bugzilla/Attachment.pm
@@ -1,4 +1,3 @@
-#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm
index 670b274eb..96ff0b8af 100755
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -1,4 +1,3 @@
-#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public
@@ -75,10 +74,12 @@ sub initBug {
my $self = shift();
my ($bug_id, $user_id) = (@_);
-
- if ( (! defined $bug_id) || (!$bug_id) ) {
- # no bug number given
- return {};
+ my $old_bug_id = $bug_id;
+ if ((! defined $bug_id) || (!$bug_id) || (!&::detaint_natural($bug_id))) {
+ # no bug number given
+ $self->{'bug_id'} = $old_bug_id;
+ $self->{'error'} = "InvalidBugId";
+ return $self;
}
# default userid 0, or get DBID if you used an email address
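Review bot: In the new error branch of initBug, `$self->{'bug_id'}` is filled from `$old_bug_id`, the caller-supplied value saved before `detaint_natural` ran, so on the InvalidBugId path the object carries raw, unvalidated input. Callers are not visible in this hunk, but any consumer that echoes that field in an error page or reuses it in a query has to treat it as untrusted, and that is worth stating at the assignment. The retained comment `# no bug number given` is also stale now that the branch covers ids that fail the natural-number check; I would replace it with `# missing or non-natural bug id: bug_id below is the raw, unvalidated input and must be escaped before use`. The return value also changes from an empty hash to `$self` with `error` set, so a short note in the sub's header comment that callers must check `error` would help. initBug starts before and continues after this hunk.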
diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm
index 185884c98..f2c5fbde7 100644
--- a/Bugzilla/Token.pm
+++ b/Bugzilla/Token.pm
@@ -1,4 +1,3 @@
-#!/usr/bonsaitools/bin/perl -w
# -*- Mode: perl; indent-tabs-mode: nil -*-
#
# The contents of this file are subject to the Mozilla Public