From 27daf484e99ea638f10beec81f41a2bcb412fd4d Mon Sep 17 00:00:00 2001
From: Frédéric Buclin <LpSolit@gmail.com>
Date: Tue, 15 Mar 2016 17:07:20 +0100
Subject: Bug 1253267: DOT injection vulnerability in dependency graphs when
 long bug summaries are wrapped r=dkl

---
 showdependencygraph.cgi | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi
index e692167de..196d8f84e 100755
--- a/showdependencygraph.cgi
+++ b/showdependencygraph.cgi
@@ -199,6 +199,9 @@ foreach my $k (@bug_ids) {
         utf8::encode($summary) if utf8::is_utf8($summary);
         $summary = wrap_comment($summary);
         $summary =~ s/([\\\"])/\\$1/g;
+        # Newlines must be escaped too, to not break the .map file
+        # and to prevent code injection.
+        $summary =~ s/\n/\\n/g;
         push(@params, qq{label="$k\\n$summary"});
     }
 
-- 
cgit v1.2.3-24-g4f1b