author | Manish Goregaokar <manishearth@gmail.com> | 2014-04-17 18:27:05 +0200 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2014-04-17 18:27:05 +0200 |
commit | 58b92d3b0245f6565a7ff34e78fce1e9ec56b355 (patch) | |
tree | 5b66f0684021f72559184c04a0a4f8294f863582 /Bugzilla | |
parent | 0e390970ba51b14a5dc780be7c6f0d6d7baa67e3 (diff) | |
Bug 968576: [SECURITY] Dangerous control characters allowed in Bugzilla text
r=glob a=justdave
Diffstat (limited to 'Bugzilla')
-rw-r--r-- | Bugzilla/Template.pm | 12 | ||||
-rw-r--r-- | Bugzilla/Util.pm | 4 |
2 files changed, 16 insertions, 0 deletions
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 56d31dd2d..6f7900054 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -678,6 +678,18 @@ sub create {
 my ($data) = @_;
 return encode_base64($data);
 },
+
+ # Strips out control characters excepting whitespace
+ strip_control_chars => sub {
+ my ($data) = @_;
+ state $use_utf8 = Bugzilla->params->{'utf8'};
+ # Only run for utf8 to avoid issues with other multibyte encodings
+ # that may be reassigning meaning to ascii characters.
+ if ($use_utf8) {
+ $data =~ s/(?![\t\r\n])[[:cntrl:]]//g;
+ }
+ return $data;
+ },
 
 # HTML collapses newlines in element attributes to a single space,
 # so form elements which may have whitespace (ie comments) need
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 5f359c38c..9bcb6962d 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -75,6 +75,10 @@ sub html_quote {
 state $use_utf8 = Bugzilla->params->{'utf8'};
 
 if ($use_utf8) {
+ # Remove control characters if the encoding is utf8.
+ # Other multibyte encodings may be using this range; so ignore if not utf8.
+ $var =~ s/(?![\t\r\n])[[:cntrl:]]//g;
+
 # Remove the following characters because they're
 # influencing BiDi:
 # -------------------------------------------------------- |
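Review bot: The new `strip_control_chars` filter is a silent no-op whenever the `utf8` parameter is off, so on non-UTF-8 installations the control characters this commit targets still reach the output unchanged; the same gate applies to the `html_quote` hunk in Bugzilla/Util.pm. The existing comment explains why, but the filter header should state the consequence, e.g. `# No-op when the 'utf8' param is off: control characters are left in place on non-UTF-8 installations.` Whether `[[:cntrl:]]` also strips the C1 range (U+0080..U+009F) depends on `$data` being a decoded character string rather than raw bytes, where only the ASCII controls match, so a short comment that the filter expects decoded text would help a later reader. `state $use_utf8` pins the parameter value for the life of the process, which is worth a one-line note since changing the param then requires a restart. The enclosing `sub create` starts and ends outside the hunk.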
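Review bot: The strip added to `html_quote` is the same `s/(?![\t\r\n])[[:cntrl:]]//g` and the same `state $use_utf8` gate as the new template filter in Bugzilla/Template.pm, so the two copies will drift the first time one of them is adjusted. Factoring the substitution into one exported helper in Bugzilla/Util.pm and calling it from both sites, e.g. `$var = strip_control_chars($var);` here (the helper name is a proposal, not an existing function), keeps the policy in a single place. The `if ($use_utf8)` block and the rest of `html_quote` continue outside the hunk.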