From ea2d2a47281ac947297587c2619df190bf3c23c4 Mon Sep 17 00:00:00 2001
From: "wurblzap%gmail.com" <>
Date: Sat, 21 Oct 2006 01:52:24 +0000
Subject: Bug 340538: Insecure dependency in exec while running with -T switch
 at /usr/lib/perl5/site_perl/5.8.6/Mail/Mailer/sendmail.pm line 16. Patch by
 Marc Schumann <wurblzap@gmail.com>, r=LpSolit, a=myk

---
 Bugzilla/Auth/Verify.pm | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'Bugzilla/Auth')

diff --git a/Bugzilla/Auth/Verify.pm b/Bugzilla/Auth/Verify.pm
index 52cebb5ea..deb5f4e95 100644
--- a/Bugzilla/Auth/Verify.pm
+++ b/Bugzilla/Auth/Verify.pm
@@ -77,6 +77,11 @@ sub create_or_update_user {
               || return { failure => AUTH_ERROR, 
                           error   => 'auth_invalid_email',
                           details => {addr => $username} };
+            # Usually we'd call validate_password, but external authentication
+            # systems might follow different standards than ours. So in this
+            # place here, we call trick_taint without checks.
+            trick_taint($password);
+
             # XXX Theoretically this could fail with an error, but the fix for
             # that is too involved to be done right now.
             my $user = Bugzilla::User->create({ 
@@ -111,9 +116,6 @@ sub create_or_update_user {
         validate_email_syntax($username)
           || return { failure => AUTH_ERROR, error => 'auth_invalid_email',
                       details => {addr => $username} };
-        # Username is more than likely tainted, but we only use it in a
-        # placeholder, and we've already validated it, so it's safe.
-        trick_taint($username);
         $dbh->do('UPDATE profiles SET login_name = ? WHERE userid = ?',
                  undef, $username, $user->id);
     }
-- 
cgit v1.2.3-24-g4f1b