authorjake%acutex.net <>2001-06-01 00:52:23 +0200
committerjake%acutex.net <>2001-06-01 00:52:23 +0200
commitbc521effbd39f4e88e8de50dac650acd8a46705f (patch)
tree73f7f28f684e652f239c5bea7fdfe1c35a5b60a9 /showdependencygraph.cgi
parent1a2221391b29920332d504dc3e80803a23e430d7 (diff)
Bugzilla was leaking information about bugs marked secure (using bug groups). This checkin fixes bugs 39524, 39527, 39531, and 39533.
Patches by Myk Melez <myk@mozilla.org>. r= jake@acutex.net
Diffstat (limited to 'showdependencygraph.cgi')
-rwxr-xr-xshowdependencygraph.cgi26
1 files changed, 21 insertions, 5 deletions
diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi
index f15534be3..df377c096 100755
--- a/showdependencygraph.cgi
+++ b/showdependencygraph.cgi
@@ -25,8 +25,28 @@ use strict;
require "CGI.pl";
+ConnectToDatabase();
+
+quietly_check_login();
+
+$::usergroupset = $::usergroupset; # More warning suppression silliness.
+
+######################################################################
+# Begin Data/Security Validation
+######################################################################
+
+# Make sure the bug ID is a positive integer representing an existing
+# bug that the user is authorized to access.
+if (defined $::FORM{'id'}) {
+ ValidateBugID($::FORM{'id'});
+}
+
+######################################################################
+# End Data/Security Validation
+######################################################################
+
my $id = $::FORM{'id'};
-die "Invalid id: $id" unless $id =~ /^\s*\d+\s*$/;
+
my $urlbase = Param("urlbase");
my %seen;
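Review bot: The new validation block only gates the entry bug: `ValidateBugID($::FORM{'id'})` (per its comment, an existence-and-authorization check) runs once on the requested id, but the graph this script renders is built from the bugs reached through the dependency relations, and nothing in this hunk shows those reached bugs being filtered by the viewer's group set. Unless the walk that fills `%seen` (declared here, populated outside the hunk) applies the same check per bug or constrains its query by `$::usergroupset`, the graph can still disclose the existence and titles of restricted bugs that depend on or block a public one — exactly the class of leak the commit message says it closes; I cannot confirm either way from this hunk. I would record the boundary explicitly above `my $id`, e.g. `# Only the entry bug is validated here; every bug reached through the dependency walk must also be filtered by the viewer's group set.` Also note that dropping the old `die` changes behavior for a defined-but-empty `id` (previously rejected by the regex); whether ValidateBugID rejects the empty string is not visible here and should be confirmed. The `$::usergroupset = $::usergroupset;` self-assignment is kept only to silence a used-once warning; a `no warnings 'once';` scoped to that line would state the intent rather than look like a typo.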
@@ -51,10 +71,6 @@ $::FORM{'rankdir'} = "LR" if !defined $::FORM{'rankdir'};
if (defined $id) {
- ConnectToDatabase();
- quietly_check_login();
- $::usergroupset = $::usergroupset; # More warning suppression silliness.
-
mkdir("data/webdot", 0777);
my $filename = "data/webdot/$$.dot";