diff options
author | Reed Loden <reed@reedloden.com> | 2012-07-30 22:45:32 +0200 |
---|---|---|
committer | Reed Loden <reed@reedloden.com> | 2012-07-30 22:45:32 +0200 |
commit | f53fede65d6f15fa916b9c3ac370a73a95cf4791 (patch) | |
tree | 9ebdd635bb47aafeb3947087fd7ee37659227c93 /reports.cgi | |
parent | 4e1e44eab9604fd0d981758b44dc0a8f31ba7b88 (diff) | |
download | bugzilla-f53fede65d6f15fa916b9c3ac370a73a95cf4791.tar.gz bugzilla-f53fede65d6f15fa916b9c3ac370a73a95cf4791.tar.xz |
Bug 767623 - Use HMAC to generate tokens and sensitive graph filenames
[r=LpSolit a=LpSolit]
Diffstat (limited to 'reports.cgi')
-rwxr-xr-x | reports.cgi | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/reports.cgi b/reports.cgi index 12087c852..66f4b05d7 100755 --- a/reports.cgi +++ b/reports.cgi @@ -17,7 +17,7 @@ use Bugzilla::Error; use Bugzilla::Status; use File::Basename; -use Digest::MD5 qw(md5_hex); +use Digest::SHA qw(hmac_sha256_base64); # If we're using bug groups for products, we should apply those restrictions # to viewing reports, as well. Time to check the login in that case. @@ -88,14 +88,12 @@ else { # Filenames must not be guessable as they can point to products # you are not allowed to see. Also, different projects can have # the same product names. - my $key = Bugzilla->localconfig->{'site_wide_secret'}; my $project = bz_locations()->{'project'} || ''; - my $image_file = join(':', ($key, $project, $prod_id, @datasets)); - # Wide characters cause md5_hex() to die. - if (Bugzilla->params->{'utf8'}) { - utf8::encode($image_file) if utf8::is_utf8($image_file); - } - $image_file = md5_hex($image_file) . '.png'; + my $image_file = join(':', ($project, $prod_id, @datasets)); + my $key = Bugzilla->localconfig->{'site_wide_secret'}; + $image_file = hmac_sha256_base64($image_file, $key) . '.png'; + $image_file =~ s/\+/-/g; + $image_file =~ s/\//_/g; trick_taint($image_file); if (! -e "$graph_dir/$image_file") { |