summaryrefslogtreecommitdiffstats
path: root/Bugzilla
diff options
context:
space:
mode:
authorReed Loden <reed@reedloden.com>2012-08-30 20:26:01 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2012-08-30 20:26:01 +0200
commit83fc5743d999a2bb8ca13def0e80c2e999e20571 (patch)
tree08f7cb85e23783f3bff9ba9c0ec510b8200a838a /Bugzilla
parent1ff417cbaa2905f64d4417290c4255080884ee02 (diff)
downloadbugzilla-83fc5743d999a2bb8ca13def0e80c2e999e20571.tar.gz
bugzilla-83fc5743d999a2bb8ca13def0e80c2e999e20571.tar.xz
Bug 785470: (CVE-2012-3981) [SECURITY] Missing escaping of the username can lead to LDAP injection
r/a=LpSolit
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/Auth/Verify/LDAP.pm2
1 files changed, 2 insertions, 0 deletions
diff --git a/Bugzilla/Auth/Verify/LDAP.pm b/Bugzilla/Auth/Verify/LDAP.pm
index 0b5113e52..5704c5848 100644
--- a/Bugzilla/Auth/Verify/LDAP.pm
+++ b/Bugzilla/Auth/Verify/LDAP.pm
@@ -18,6 +18,7 @@ use Bugzilla::User;
use Bugzilla::Util;
use Net::LDAP;
+use Net::LDAP::Util qw(escape_filter_value);
use constant admin_can_create_account => 0;
use constant user_can_create_account => 0;
@@ -121,6 +122,7 @@ sub check_credentials {
sub _bz_search_params {
my ($username) = @_;
+ $username = escape_filter_value($username);
return (base => Bugzilla->params->{"LDAPBaseDN"},
scope => "sub",
filter => '(&(' . Bugzilla->params->{"LDAPuidattribute"}