diff options
author | tara%tequilarista.org <> | 2001-06-03 07:02:01 +0200 |
---|---|---|
committer | tara%tequilarista.org <> | 2001-06-03 07:02:01 +0200 |
commit | 24bf6d11edd72edd34b5effa68aad9ca0984e913 (patch) | |
tree | 9f360faaefd749836032671dab0b887c204fb60a /process_bug.cgi | |
parent | b42289bb5c84bff0bc610c8d3d87b63e4246a240 (diff) | |
download | bugzilla-24bf6d11edd72edd34b5effa68aad9ca0984e913.tar.gz bugzilla-24bf6d11edd72edd34b5effa68aad9ca0984e913.tar.xz |
Landing Myk's patch for bug #71767
Diffstat (limited to 'process_bug.cgi')
-rwxr-xr-x | process_bug.cgi | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/process_bug.cgi b/process_bug.cgi index 4b4453dc1..b2327b0fd 100755 --- a/process_bug.cgi +++ b/process_bug.cgi @@ -58,19 +58,33 @@ my $requiremilestone = 0; # named "id_x" where "x" is the bug number. my @idlist; if (defined $::FORM{'id'}) { - push @idlist, $::FORM{'id'}; + push @idlist, $::FORM{'id'}; } else { - foreach my $i (keys %::FORM) { - if ($i =~ /^id_([1-9][0-9]*)/) { - push @idlist, $1; + foreach my $i (keys %::FORM) { + if ($i =~ /^id_([1-9][0-9]*)/) { + push @idlist, $1; + } } - } } # For each bug being modified, make sure its ID is a valid bug number # representing an existing bug that the user is authorized to access. foreach my $id (@idlist) { - ValidateBugID($id); + ValidateBugID($id); +} + +# If the user has a bug list and is processing one bug, then after +# we process the bug we are going to show them the next bug on their +# list. Thus we have to make sure this bug ID is also valid, +# since a malicious cracker might alter their cookies for the purpose +# gaining access to bugs they are not authorized to access. +if ( $::COOKIE{"BUGLIST"} ne "" && defined $::FORM{'id'} ) { + my @buglist = split( /:/ , $::COOKIE{"BUGLIST"} ); + my $idx = lsearch( \@buglist , $::FORM{"id"} ); + if ($idx < $#buglist) { + my $nextbugid = $buglist[$idx + 1]; + ValidateBugID($nextbugid); + } } ###################################################################### |