authorDavid Lawrence <dkl@mozilla.com>2015-08-06 06:21:33 +0200
committerByron Jones <glob@mozilla.com>2015-08-06 06:21:33 +0200
commit86a7f0140f898cd77e5d3a2dcfd52722d2f65089 (patch)
tree183c401743b3eae9a26d249804072df6e9f55db9 /extensions
parent9465a77fad2f80e4e3615b0aa0af36bc5da11122 (diff)
Bug 1191565 - [Security] Able to delete any Bugzilla user's component watching
Diffstat (limited to 'extensions')
-rw-r--r--extensions/ComponentWatching/Extension.pm7
-rw-r--r--extensions/ComponentWatching/template/en/default/hook/global/code-error-errors.html.tmpl12
2 files changed, 16 insertions, 3 deletions
diff --git a/extensions/ComponentWatching/Extension.pm b/extensions/ComponentWatching/Extension.pm
index 318de5e1a..a56b46249 100644
--- a/extensions/ComponentWatching/Extension.pm
+++ b/extensions/ComponentWatching/Extension.pm
@@ -14,7 +14,7 @@ use Bugzilla::Error;
use Bugzilla::Group;
use Bugzilla::User;
use Bugzilla::User::Setting;
-use Bugzilla::Util qw(trim trick_taint);
+use Bugzilla::Util qw(detaint_natural trim trick_taint);
our $VERSION = '2';
@@ -611,8 +611,9 @@ sub _deleteWatch {
my ($user, $id) = @_;
my $dbh = Bugzilla->dbh;
- trick_taint($id);
- $dbh->do("DELETE FROM component_watch WHERE id=?", undef, $id);
+ detaint_natural($id) || ThrowCodeError("component_watch_invalid_id");
+ $dbh->do("DELETE FROM component_watch WHERE id=? AND user_id=?",
+ undef, $id, $user->id);
}
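Review bot: The `$dbh->do` on the new lines discards its row count, so a request whose id exists but belongs to another user (or no longer exists) still completes silently as a success even though the added `AND user_id=?` filter is exactly what turns that case into a no-op. `do` returns the number of affected rows ("0E0" when none), so the result can be checked and the existing error reused, which keeps "not yours" and "does not exist" indistinguishable to the caller while no longer hiding the attempt: `my $rows = $dbh->do("DELETE FROM component_watch WHERE id=? AND user_id=?",` / `    undef, $id, $user->id);` / `ThrowCodeError("component_watch_invalid_id") unless $rows > 0;`. Separately, a non-numeric id here is malformed request input rather than an internal invariant failure, so ThrowUserError with a matching user-error template would presumably fit Bugzilla's convention better than ThrowCodeError — worth confirming against how the other extensions report bad ids. The `sub _deleteWatch {` line itself sits in the hunk header context, just above the first changed line.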
sub _addDefaultSettings {
diff --git a/extensions/ComponentWatching/template/en/default/hook/global/code-error-errors.html.tmpl b/extensions/ComponentWatching/template/en/default/hook/global/code-error-errors.html.tmpl
new file mode 100644
index 000000000..04640afef
--- /dev/null
+++ b/extensions/ComponentWatching/template/en/default/hook/global/code-error-errors.html.tmpl
@@ -0,0 +1,12 @@
+[%# This Source Code Form is subject to the terms of the Mozilla Public
+ # License, v. 2.0. If a copy of the MPL was not distributed with this
+ # file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ #
+ # This Source Code Form is "Incompatible With Secondary Licenses", as
+ # defined by the Mozilla Public License, v. 2.0.
+ #%]
+
+[% IF error == "component_watch_invalid_id" %]
+ [% title = "Invalid Component Watch ID" %]
+ The component watch id provided is invalid.
+[% END %]