summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorByron Jones <bjones@mozilla.com>2013-03-21 06:09:12 +0100
committerByron Jones <bjones@mozilla.com>2013-03-21 06:09:12 +0100
commit39f125ca3b0dcd3e1d7318de2e193e4335a4b9a1 (patch)
tree16341dbdac3ae9a8c2fdeceeaf28a0a247b028ab /extensions
parent4025fe8be55ed10613cf528bf698084415f8cb85 (diff)
downloadbugzilla-39f125ca3b0dcd3e1d7318de2e193e4335a4b9a1.tar.gz
bugzilla-39f125ca3b0dcd3e1d7318de2e193e4335a4b9a1.tar.xz
Bug 853314: unable to edit bugzilla push options - insecure dependency
Diffstat (limited to 'extensions')
-rw-r--r--extensions/Push/lib/Admin.pm3
-rw-r--r--extensions/Push/lib/BacklogMessage.pm4
-rw-r--r--extensions/Push/lib/Backoff.pm4
-rw-r--r--extensions/Push/lib/LogEntry.pm4
-rw-r--r--extensions/Push/lib/Message.pm4
5 files changed, 18 insertions, 1 deletions
diff --git a/extensions/Push/lib/Admin.pm b/extensions/Push/lib/Admin.pm
index d7df25c09..f579409bd 100644
--- a/extensions/Push/lib/Admin.pm
+++ b/extensions/Push/lib/Admin.pm
@@ -13,7 +13,7 @@ use warnings;
use Bugzilla;
use Bugzilla::Error;
use Bugzilla::Extension::Push::Util;
-use Bugzilla::Util qw(trim detaint_natural);
+use Bugzilla::Util qw(trim detaint_natural trick_taint);
use base qw(Exporter);
our @EXPORT = qw(
@@ -67,6 +67,7 @@ sub _update_config_from_form {
# update
foreach my $option ($config->options) {
my $option_name = $option->{name};
+ trick_taint($values->{$option_name});
$config->{$option_name} = $values->{$option_name};
}
$config->update();
diff --git a/extensions/Push/lib/BacklogMessage.pm b/extensions/Push/lib/BacklogMessage.pm
index f9496fa24..8f5263038 100644
--- a/extensions/Push/lib/BacklogMessage.pm
+++ b/extensions/Push/lib/BacklogMessage.pm
@@ -12,6 +12,10 @@ use warnings;
use base 'Bugzilla::Object';
+use constant AUDIT_CREATES => 0;
+use constant AUDIT_UPDATES => 0;
+use constant AUDIT_REMOVES => 0;
+
use Bugzilla;
use Bugzilla::Error;
use Bugzilla::Extension::Push::Util;
diff --git a/extensions/Push/lib/Backoff.pm b/extensions/Push/lib/Backoff.pm
index bc302a2a9..c0ea15a59 100644
--- a/extensions/Push/lib/Backoff.pm
+++ b/extensions/Push/lib/Backoff.pm
@@ -12,6 +12,10 @@ use warnings;
use base 'Bugzilla::Object';
+use constant AUDIT_CREATES => 0;
+use constant AUDIT_UPDATES => 0;
+use constant AUDIT_REMOVES => 0;
+
use Bugzilla;
use Bugzilla::Util;
diff --git a/extensions/Push/lib/LogEntry.pm b/extensions/Push/lib/LogEntry.pm
index b883ee095..303c19da4 100644
--- a/extensions/Push/lib/LogEntry.pm
+++ b/extensions/Push/lib/LogEntry.pm
@@ -12,6 +12,10 @@ use warnings;
use base 'Bugzilla::Object';
+use constant AUDIT_CREATES => 0;
+use constant AUDIT_UPDATES => 0;
+use constant AUDIT_REMOVES => 0;
+
use Bugzilla;
use Bugzilla::Error;
use Bugzilla::Extension::Push::Constants;
diff --git a/extensions/Push/lib/Message.pm b/extensions/Push/lib/Message.pm
index 3d112a2e1..ebe32d0ea 100644
--- a/extensions/Push/lib/Message.pm
+++ b/extensions/Push/lib/Message.pm
@@ -12,6 +12,10 @@ use warnings;
use base 'Bugzilla::Object';
+use constant AUDIT_CREATES => 0;
+use constant AUDIT_UPDATES => 0;
+use constant AUDIT_REMOVES => 0;
+
use Bugzilla;
use Bugzilla::Error;
use Bugzilla::Extension::Push::Util;