From 171ea61c9929ce12b5bf7988ed1c87183dbb1538 Mon Sep 17 00:00:00 2001
From: Dave Lawrence
Date: Wed, 18 Apr 2012 15:29:24 -0700
Subject: Bumping the version post-release
---
 Bugzilla/Constants.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'Bugzilla')
diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index d4f18a604..01d555b7a 100644
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -202,7 +202,7 @@ use Memoize;
 # CONSTANTS
 #
 # Bugzilla version
-use constant BUGZILLA_VERSION => "4.2.1";
+use constant BUGZILLA_VERSION => "4.2.1+";
 # Location of the remote and local XML files to track new releases.
 use constant REMOTE_FILE => 'http://updates.bugzilla.org/bugzilla-update.xml';
-- cgit v1.2.3-24-g4f1b
From 3b9a39da6dabb27ecf3ed4da7b6e2ea4eab750cd Mon Sep 17 00:00:00 2001
From: Byron Jones
Date: Mon, 30 Apr 2012 14:41:43 +0800
Subject: Bug 749074: Throw an error message instead of syntax error on invalid search type operators r=LpSolit,a=LpSolit
---
 Bugzilla/Search.pm | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'Bugzilla')
diff --git a/Bugzilla/Search.pm b/Bugzilla/Search.pm
index 1097b32dd..ae33875d9 100644
--- a/Bugzilla/Search.pm
+++ b/Bugzilla/Search.pm
@@ -1747,7 +1747,9 @@ sub do_search_function {
 sub _do_operator_function {
 my ($self, $func_args) = @_;
 my $operator = $func_args->{operator};
- my $operator_func = OPERATORS->{$operator};
+ my $operator_func = OPERATORS->{$operator}
+ || ThrowCodeError("search_field_operator_unsupported",
+ { operator => $operator });
 $self->$operator_func($func_args);
 }
-- cgit v1.2.3-24-g4f1b
From 5ec002f8c6aaf5dba9039ac8ae5898b07af4afee Mon Sep 17 00:00:00 2001
From: Simon Green
Date: Thu, 17 May 2012 15:23:35 +0200
Subject: Bug 752751: Perl modules that start with a protocol (eg HTTP::Header) are not escaped correctly in SAFE_URL_REGEXP r/a=LpSolit
---
 Bugzilla/Template.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'Bugzilla')
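Review bot: The `operator` value handed to `ThrowCodeError` in `_do_operator_function` is the unrecognised string taken from `$func_args`, which presumably originates in the request, so the `search_field_operator_unsupported` message has to filter it when it is rendered. The error template is outside this diff (it is limited to `Bugzilla/`), so neither the tag's existence nor its escaping can be confirmed here. If the value is user-reachable, `ThrowUserError` may be a better fit than a code error, which reads as an internal fault. A comment above the lookup, e.g. `# Reject operators that are not in OPERATORS instead of calling an undefined method.`, would record why the fallback exists.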
diff --git a/Bugzilla/Template.pm b/Bugzilla/Template.pm
index 527b704b2..c907f9267 100644
--- a/Bugzilla/Template.pm
+++ b/Bugzilla/Template.pm
@@ -69,7 +69,7 @@ use constant FORMAT_2_SIZE => [19,55];
 # Pseudo-constant.
 sub SAFE_URL_REGEXP {
 my $safe_protocols = join('|', SAFE_PROTOCOLS);
- return qr/($safe_protocols):[^\s<>\"]+[\w\/]/i;
+ return qr/($safe_protocols):[^:\s<>\"][^\s<>\"]+[\w\/]/i;
 }
 # Convert the constants in the Bugzilla::Constants module into a hash we can
-- cgit v1.2.3-24-g4f1b
From fc9858fed697d00fb921dd86448dad0ef70552a6 Mon Sep 17 00:00:00 2001
From: Frédéric Buclin
Date: Mon, 21 May 2012 20:07:33 +0200
Subject: Bug 754090: Bugzilla::FlagType::match() crashes when the group parameter is not a number a=LpSolit
---
 Bugzilla/FlagType.pm | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
(limited to 'Bugzilla')
diff --git a/Bugzilla/FlagType.pm b/Bugzilla/FlagType.pm
index b30065a1c..15d982744 100644
--- a/Bugzilla/FlagType.pm
+++ b/Bugzilla/FlagType.pm
@@ -681,7 +681,10 @@ sub sqlify_criteria {
 }
 if ($criteria->{product_id}) {
 my $product_id = $criteria->{product_id};
-
+ detaint_natural($product_id)
+ || ThrowCodeError('bad_arg', { argument => 'product_id',
+ function => 'Bugzilla::FlagType::sqlify_criteria' });
+
 # Add inclusions to the query, which simply involves joining the table
 # by flag type ID and target product/component.
 push(@$tables, "INNER JOIN flaginclusions AS i ON flagtypes.id = i.type_id");
@@ -698,6 +701,10 @@ sub sqlify_criteria {
 my $addl_join_clause = "";
 if ($criteria->{component_id}) {
 my $component_id = $criteria->{component_id};
+ detaint_natural($component_id)
+ || ThrowCodeError('bad_arg', { argument => 'component_id',
+ function => 'Bugzilla::FlagType::sqlify_criteria' });
+
 push(@criteria, "(i.component_id = $component_id OR i.component_id IS NULL)");
 $join_clause .= "AND (e.component_id = $component_id OR e.component_id IS NULL) ";
 }
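Review bot: The rewritten pattern in `SAFE_URL_REGEXP` now needs at least three characters after the colon (`[^:\s<>\"]`, then `[^\s<>\"]+`, then `[\w\/]`) where the old one needed two, so a very short target that used to be recognised no longer matches. If the only intent is to stop `HTTP::Header`-style module names from matching, a lookahead keeps the old length rule: `return qr/($safe_protocols):(?!:)[^\s<>\"]+[\w\/]/i;`. The reason for the extra character class is not stated in the code, so a comment above the `return`, e.g. `# Do not treat Perl module names such as HTTP::Header as URLs.`, would keep a later edit from simplifying it away.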
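Review bot: `$component_id` (hunk at `@@ -698`) and `$gid` (hunk at `@@ -711`) are interpolated directly into SQL fragments right after these checks, and `$product_id` is presumably used the same way further down, so `detaint_natural` is the only thing standing between the criteria hash and the query text. That makes the checks security-relevant rather than just crash prevention, which the commit subject does not say. A comment at each one, e.g. `# Interpolated into SQL below: must be a natural number.`, would stop a later cleanup from removing or reordering them. The three copies differ only in the argument name and could become one small private helper that takes the key name. `sqlify_criteria` starts and ends outside these hunks.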
@@ -711,7 +718,10 @@ sub sqlify_criteria {
 }
 if ($criteria->{group}) {
 my $gid = $criteria->{group};
- detaint_natural($gid);
+ detaint_natural($gid)
+ || ThrowCodeError('bad_arg', { argument => 'group',
+ function => 'Bugzilla::FlagType::sqlify_criteria' });
+
 push(@criteria, "(flagtypes.grant_group_id = $gid " .
 " OR flagtypes.request_group_id = $gid)");
 }
-- cgit v1.2.3-24-g4f1b