summaryrefslogtreecommitdiffstats
path: root/showdependencytree.cgi
diff options
context:
space:
mode:
authorjake%acutex.net <>2001-06-01 00:52:23 +0200
committerjake%acutex.net <>2001-06-01 00:52:23 +0200
commitbc521effbd39f4e88e8de50dac650acd8a46705f (patch)
tree73f7f28f684e652f239c5bea7fdfe1c35a5b60a9 /showdependencytree.cgi
parent1a2221391b29920332d504dc3e80803a23e430d7 (diff)
downloadbugzilla-bc521effbd39f4e88e8de50dac650acd8a46705f.tar.gz
bugzilla-bc521effbd39f4e88e8de50dac650acd8a46705f.tar.xz
Bugzilla was leaking information about bugs marked secure (using bug groups). This checkin fixes bugs 39524, 39527, 39531, and 39533.
Patches by Myk Melez <myk@mozilla.org>. r= jake@acutex.net
Diffstat (limited to 'showdependencytree.cgi')
-rwxr-xr-xshowdependencytree.cgi23
1 files changed, 17 insertions, 6 deletions
diff --git a/showdependencytree.cgi b/showdependencytree.cgi
index 74e2778bc..bab36da61 100755
--- a/showdependencytree.cgi
+++ b/showdependencytree.cgi
@@ -29,6 +29,23 @@ require "CGI.pl";
use vars %::FORM;
+ConnectToDatabase();
+
+quietly_check_login();
+
+$::usergroupset = $::usergroupset; # More warning suppression silliness.
+
+######################################################################
+# Begin Data/Security Validation
+######################################################################
+
+# Make sure the bug ID is a positive integer representing an existing
+# bug that the user is authorized to access.
+ValidateBugID($::FORM{'id'});
+
+######################################################################
+# End Data/Security Validation
+######################################################################
my $id = $::FORM{'id'};
my $linkedid = qq{<a href="show_bug.cgi?id=$id">$id</a>};
@@ -36,12 +53,6 @@ my $linkedid = qq{<a href="show_bug.cgi?id=$id">$id</a>};
print "Content-type: text/html\n\n";
PutHeader("Dependency tree", "Dependency tree", "Bug $linkedid");
-ConnectToDatabase();
-
-quietly_check_login();
-
-$::usergroupset = $::usergroupset; # More warning suppression silliness.
-
my %seen;
sub DumpKids {