diff options
| author | Dylan Hardison <dylan@mozilla.com> | 2015-12-22 18:11:21 +0100 |
|---|---|---|
| committer | Dylan Hardison <dylan@mozilla.com> | 2015-12-22 18:11:21 +0100 |
| commit | eb1357fe03bb47cdd479cf533022e11dd6bd22e0 (patch) | |
| tree | 493135e19d0e4fde16f4405e654d762020af7929 /Bugzilla | |
| parent | 0cd77b4e6e8839782cec49596da33029860d3470 (diff) | |
| download | bugzilla-eb1357fe03bb47cdd479cf533022e11dd6bd22e0.tar.gz bugzilla-eb1357fe03bb47cdd479cf533022e11dd6bd22e0.tar.xz | |
Bug 1230932 - Providing a condition as an ID to the webservice results in a taint error
r=dkl,a=dkl
Diffstat (limited to 'Bugzilla')
| -rw-r--r-- | Bugzilla/API/1_0/Constants.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/API/1_0/Util.pm | 23 | ||||
| -rw-r--r-- | Bugzilla/WebService/Bug.pm | 4 | ||||
| -rw-r--r-- | Bugzilla/WebService/Constants.pm | 2 | ||||
| -rw-r--r-- | Bugzilla/WebService/Util.pm | 10 |
5 files changed, 18 insertions, 23 deletions
diff --git a/Bugzilla/API/1_0/Constants.pm b/Bugzilla/API/1_0/Constants.pm index 44e20124a..f90b31177 100644 --- a/Bugzilla/API/1_0/Constants.pm +++ b/Bugzilla/API/1_0/Constants.pm @@ -68,6 +68,8 @@ use constant WS_ERROR_CODE => { number_too_large => 54, number_too_small => 55, illegal_date => 56, + param_integer_required => 57, + param_integer_array_required => 58, # Bug errors usually occupy the 100-200 range. improper_bug_id_field_value => 100, bug_id_does_not_exist => 101, diff --git a/Bugzilla/API/1_0/Util.pm b/Bugzilla/API/1_0/Util.pm index d22935f6e..3fcf28cdf 100644 --- a/Bugzilla/API/1_0/Util.pm +++ b/Bugzilla/API/1_0/Util.pm @@ -22,6 +22,7 @@ use MIME::Base64 qw(decode_base64 encode_base64); use Storable qw(dclone); use Test::Taint (); use URI::Escape qw(uri_unescape); +use Bugzilla::WebService::Util qw(validate); use parent qw(Exporter); @@ -241,28 +242,6 @@ sub api_include_exclude { return $params; } -sub validate { - my ($self, $params, @keys) = @_; - - # If $params is defined but not a reference, then we weren't - # sent any parameters at all, and we're getting @keys where - # $params should be. - return ($self, undef) if (defined $params and !ref $params); - - # If @keys is not empty then we convert any named - # parameters that have scalar values to arrayrefs - # that match. - foreach my $key (@keys) { - if (exists $params->{$key}) { - $params->{$key} = ref $params->{$key} - ? $params->{$key} - : [ $params->{$key} ]; - } - } - - return ($self, $params); -} - sub translate { my ($params, $mapped) = @_; my %changes; diff --git a/Bugzilla/WebService/Bug.pm b/Bugzilla/WebService/Bug.pm index 84f209347..75a0aab0e 100644 --- a/Bugzilla/WebService/Bug.pm +++ b/Bugzilla/WebService/Bug.pm @@ -1200,6 +1200,10 @@ sub update_comment_tags { { function => 'Bug.update_comment_tags', param => 'comment_id' }); + ThrowCodeError("param_integer_required", { function => 'Bug.update_comment_tags', + param => 'comment_id' }) + unless $comment_id =~ /^[0-9]+$/; + my $comment = Bugzilla::Comment->new($comment_id) || return []; $comment->bug->check_is_visible(); diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm index 42aa600ee..8c9bcb37f 100644 --- a/Bugzilla/WebService/Constants.pm +++ b/Bugzilla/WebService/Constants.pm @@ -69,6 +69,8 @@ use constant WS_ERROR_CODE => { number_too_large => 54, number_too_small => 55, illegal_date => 56, + param_integer_required => 57, + param_integer_array_required => 58, # Bug errors usually occupy the 100-200 range. improper_bug_id_field_value => 100, bug_id_does_not_exist => 101, diff --git a/Bugzilla/WebService/Util.pm b/Bugzilla/WebService/Util.pm index cbbc47921..503246c16 100644 --- a/Bugzilla/WebService/Util.pm +++ b/Bugzilla/WebService/Util.pm @@ -18,6 +18,7 @@ use Bugzilla::WebService::Constants; use Storable qw(dclone); use URI::Escape qw(uri_unescape); +use List::MoreUtils qw(all any); use parent qw(Exporter); @@ -221,7 +222,8 @@ sub validate { # sent any parameters at all, and we're getting @keys where # $params should be. return ($self, undef) if (defined $params and !ref $params); - + + my @id_params = qw( ids comment_ids ); # If @keys is not empty then we convert any named # parameters that have scalar values to arrayrefs # that match. @@ -230,6 +232,12 @@ sub validate { $params->{$key} = ref $params->{$key} ? $params->{$key} : [ $params->{$key} ]; + + if (any { $key eq $_ } @id_params) { + my $ids = $params->{$key}; + ThrowCodeError('param_integer_array_required', { param => $key }) + unless ref($ids) eq 'ARRAY' && all { /^[0-9]+$/ } @$ids; + } } } |