From 5dc75560608d63c6ee8e4c918cace9882f8ddf3b Mon Sep 17 00:00:00 2001 From: "mkanat%bugzilla.org" <> Date: Mon, 9 Nov 2009 18:27:52 +0000 Subject: Bug 513593: Make the WebService taint incoming parameters Patch by Max Kanat-Alexander r=dkl, a=mkanat --- Bugzilla/WebService/Util.pm | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) (limited to 'Bugzilla/WebService/Util.pm') diff --git a/Bugzilla/WebService/Util.pm b/Bugzilla/WebService/Util.pm index 74c1f2f02..8ff608c3a 100644 --- a/Bugzilla/WebService/Util.pm +++ b/Bugzilla/WebService/Util.pm @@ -21,10 +21,17 @@ package Bugzilla::WebService::Util; use strict; - use base qw(Exporter); -our @EXPORT_OK = qw(filter validate); +# We have to "require", not "use" this, because otherwise it tries to +# use features of Test::More during import(). +require Test::Taint; + +our @EXPORT_OK = qw( + filter + taint_data + validate +); sub filter ($$) { my ($params, $hash) = @_; @@ -44,6 +51,32 @@ sub filter ($$) { return \%newhash; } +sub taint_data { + my $params = shift; + return if !$params; + # Though this is a private function, it hasn't changed since 2004 and + # should be safe to use, and prevents us from having to write it ourselves + # or require another module to do it. + Test::Taint::_deeply_traverse(\&_delete_bad_keys, $params); + Test::Taint::taint_deeply($params); +} + +sub _delete_bad_keys { + foreach my $item (@_) { + next if ref $item ne 'HASH'; + foreach my $key (keys %$item) { + # Making something a hash key always untaints it, in Perl. + # However, we need to validate our argument names in some way. + # We know that all hash keys passed in to the WebService will + # match \w+, so we delete any key that doesn't match that. + if ($key !~ /^\w+$/) { + delete $item->{$key}; + } + } + } + return @_; +} + sub validate { my ($self, $params, @keys) = @_; -- cgit v1.2.3-24-g4f1b
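Review bot: The added `require Test::Taint;` makes a test-support module a hard runtime dependency of Bugzilla::WebService::Util, so the module will fail to load on any installation where Test::Taint is missing. This diff touches only Util.pm, so whether Test::Taint was also added to the installation requirements cannot be seen here and should be confirmed. The existing comment explains why `require` is used instead of `use`, but not that the module is needed in production; I would add a line such as `# Needed at runtime by taint_data(), not only by the test suite.` Tainting presumably only has an effect when perl runs with taint checking enabled, which is worth stating where `taint_data` is documented.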
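Review bot: In `_delete_bad_keys` the check `/^\w+$/` accepts a key that ends in a newline, because `$` also matches just before a final newline; anchor it as `if ($key !~ /\A\w+\z/) {`. `\w` can also match non-ASCII word characters when the key is a character string, so if argument names are meant to be ASCII only, `[A-Za-z0-9_]` states that more precisely. Keys that fail the check are deleted silently, so a client sending a malformed argument name gets no error and the call proceeds without that argument; it is worth deciding whether a fault would be the safer response. `taint_data` also calls the private `Test::Taint::_deeply_traverse`, as its own comment concedes, so a Test::Taint upgrade could break parameter tainting without warning, and pinning or checking the module version would guard against that.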