summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--CGI.pl13
-rwxr-xr-xattachment.cgi2
-rwxr-xr-xpost_bug.cgi2
-rwxr-xr-xprocess_bug.cgi2
4 files changed, 19 insertions, 0 deletions
diff --git a/CGI.pl b/CGI.pl
index f91cbd670..0882a967c 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -324,6 +324,19 @@ sub ValidateBugID {
}
+
+sub ValidateComment {
+ # Make sure a comment is not too large (greater than 64K).
+
+ my ($comment) = @_;
+
+ if (defined($comment) && length($comment) > 65535) {
+ DisplayError("Comments cannot be longer than 65,535 characters.");
+ exit;
+ }
+}
+
+
# check and see if a given string actually represents a positive
# integer, and abort if not.
#
diff --git a/attachment.cgi b/attachment.cgi
index 32b4ef461..66c3236a7 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -77,6 +77,7 @@ elsif ($action eq "insert")
{
confirm_login();
ValidateBugID($::FORM{'bugid'});
+ ValidateComment($::FORM{'comment'});
validateFilename();
validateData();
validateDescription();
@@ -95,6 +96,7 @@ elsif ($action eq "edit")
elsif ($action eq "update")
{
confirm_login();
+ ValidateComment($::FORM{'comment'});
validateID();
validateCanEdit($::FORM{'id'});
validateDescription();
diff --git a/post_bug.cgi b/post_bug.cgi
index 0ae44d32f..58048ef7e 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -49,6 +49,8 @@ sub sillyness {
confirm_login();
+ValidateComment($::FORM{'comment'});
+
my $cookiepath = Param("cookiepath");
print "Set-Cookie: PLATFORM=$::FORM{'product'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} );
print "Set-Cookie: VERSION-$::FORM{'product'}=$::FORM{'version'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} && exists $::FORM{'version'} );
diff --git a/process_bug.cgi b/process_bug.cgi
index f2abb0390..fb3c0e482 100755
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -92,6 +92,8 @@ if (defined $::FORM{'dup_id'} && $::FORM{'knob'} eq "duplicate") {
DuplicateUserConfirm();
}
+ValidateComment($::FORM{'comment'});
+
######################################################################
# End Data/Security Validation
######################################################################