summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authormkanat%kerio.com <>2005-07-08 14:35:20 +0200
committermkanat%kerio.com <>2005-07-08 14:35:20 +0200
commit9b11535c66ebe5103afea0eb87e92c939a975d34 (patch)
tree7578009e82dda6eb3ab2ba8d5d843be30d7464e5 /Bugzilla
parent0d7a4fbf959a1c522350786e83df580476bf5642 (diff)
downloadbugzilla-9b11535c66ebe5103afea0eb87e92c939a975d34.tar.gz
bugzilla-9b11535c66ebe5103afea0eb87e92c939a975d34.tar.xz
Bug 292544: [SECURITY] Can see a security-sensitive bug in buglist.cgi for a short time when there are certain performance problems
Patch By Frederic Buclin <LpSolit@gmail.com> r=joel, a=justdave
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/DB/Schema.pm2
-rw-r--r--Bugzilla/Search.pm2
-rw-r--r--Bugzilla/User.pm19
3 files changed, 12 insertions, 11 deletions
diff --git a/Bugzilla/DB/Schema.pm b/Bugzilla/DB/Schema.pm
index c7d4a5583..52d1b3212 100644
--- a/Bugzilla/DB/Schema.pm
+++ b/Bugzilla/DB/Schema.pm
@@ -156,7 +156,7 @@ use constant ABSTRACT_SCHEMA => {
bug_file_loc => {TYPE => 'TEXT'},
bug_severity => {TYPE => 'varchar(64)', NOTNULL => 1},
bug_status => {TYPE => 'varchar(64)', NOTNULL => 1},
- creation_ts => {TYPE => 'DATETIME', NOTNULL => 1},
+ creation_ts => {TYPE => 'DATETIME'},
delta_ts => {TYPE => 'DATETIME', NOTNULL => 1},
short_desc => {TYPE => 'MEDIUMTEXT', NOTNULL => 1},
op_sys => {TYPE => 'varchar(64)', NOTNULL => 1},
diff --git a/Bugzilla/Search.pm b/Bugzilla/Search.pm
index e69c3232f..ec93e96a8 100644
--- a/Bugzilla/Search.pm
+++ b/Bugzilla/Search.pm
@@ -1357,7 +1357,7 @@ sub init {
}
$query .= " WHERE " . join(' AND ', (@wherepart, @andlist)) .
- " AND ((bug_group_map.group_id IS NULL)";
+ " AND bugs.creation_ts IS NOT NULL AND ((bug_group_map.group_id IS NULL)";
if ($user->id) {
my $userid = $user->id;
diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index c9817a4d9..ff88b9f3b 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -356,7 +356,7 @@ sub can_see_bug {
# is cached because this may be called for every row in buglists or
# every bug in a dependency list.
unless ($sth) {
- $sth = $dbh->prepare("SELECT reporter, assigned_to, qa_contact,
+ $sth = $dbh->prepare("SELECT 1, reporter, assigned_to, qa_contact,
reporter_accessible, cclist_accessible,
COUNT(cc.who), COUNT(bug_group_map.bug_id)
FROM bugs
@@ -367,22 +367,23 @@ sub can_see_bug {
ON bugs.bug_id = bug_group_map.bug_id
AND bug_group_map.group_ID NOT IN(" .
join(',',(-1, values(%{$self->groups}))) .
- ") WHERE bugs.bug_id = ? " .
+ ") WHERE bugs.bug_id = ?
+ AND creation_ts IS NOT NULL " .
$dbh->sql_group_by('bugs.bug_id', 'reporter, ' .
'assigned_to, qa_contact, reporter_accessible, ' .
'cclist_accessible'));
}
$sth->execute($bugid);
- my ($reporter, $owner, $qacontact, $reporter_access, $cclist_access,
+ my ($ready, $reporter, $owner, $qacontact, $reporter_access, $cclist_access,
$isoncclist, $missinggroup) = $sth->fetchrow_array();
$sth->finish;
$self->{sthCanSeeBug} = $sth;
- return ( (($reporter == $userid) && $reporter_access)
- || (Param('useqacontact') && $qacontact &&
- ($qacontact == $userid))
- || ($owner == $userid)
- || ($isoncclist && $cclist_access)
- || (!$missinggroup) );
+ return ($ready
+ && ((($reporter == $userid) && $reporter_access)
+ || (Param('useqacontact') && $qacontact && ($qacontact == $userid))
+ || ($owner == $userid)
+ || ($isoncclist && $cclist_access)
+ || (!$missinggroup)));
}
sub get_selectable_products {