From 3f3cc3c9ac50a9e43fc98dfd84c675ba22ada22b Mon Sep 17 00:00:00 2001
From: Byron Jones <glob@glob.com.au>
Date: Wed, 3 Nov 2010 00:18:33 +0100
Subject: Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due
 to non-random multipart/x-mixed-replace boundary r=mkanat a=LpSolit

---
 Bugzilla/CGI.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'Bugzilla')

diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index a9b938c6d..8ec3ac28e 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -213,7 +213,8 @@ sub multipart_init {
     }
 
     # Set the MIME boundary and content-type
-    my $boundary = $param{'-boundary'} || '------- =_aaaaaaaaaa0';
+    my $boundary = $param{'-boundary'}
+        || '------- =_' . generate_random_password(16);
     delete $param{'-boundary'};
     $self->{'separator'} = "\r\n--$boundary\r\n";
     $self->{'final_separator'} = "\r\n--$boundary--\r\n";
-- 
cgit v1.2.3-24-g4f1b