From e70b77bb7906d661407d3f8759073bfc5b533026 Mon Sep 17 00:00:00 2001 From: "tara%tequilarista.org" <> Date: Wed, 26 Jul 2000 01:58:42 +0000 Subject: Landing Adam Spiers' contributions for security and small functional issues --- sanitycheck.cgi | 47 ++++++++++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 19 deletions(-) (limited to 'sanitycheck.cgi') diff --git a/sanitycheck.cgi b/sanitycheck.cgi index 2dc7035bc..5752f7b31 100755 --- a/sanitycheck.cgi +++ b/sanitycheck.cgi @@ -66,18 +66,27 @@ sub CrossCheck { } while (@_) { my $ref = shift @_; - my $t2 = shift @$ref; - my $f2 = shift @$ref; - my %exceptions; - foreach my $v (@$ref) { - $exceptions{$v} = 1; - } + my ($t2, $f2, $key2, $exceptions) = @$ref; + + $exceptions ||= []; + my %exceptions = map { $_ => 1 } @$exceptions; + Status("... from $t2.$f2"); - SendSQL("SELECT DISTINCT $f2 FROM $t2"); + + SendSQL("SELECT DISTINCT $f2" . ($key2 ? ", $key2" : '') ." FROM $t2"); while (MoreSQLData()) { - my $value = FetchOneColumn(); + my ($value, $key) = FetchSQLData(); if (!$valid{$value} && !$exceptions{$value}) { - Alert("Bad value $value found in $t2.$f2"); + my $alert = "Bad value $value found in $t2.$f2"; + if ($key2) { + if ($key2 eq 'bug_id') { + $alert .= qq{ (bug $key)}; + } + else { + $alert .= " ($key2 == '$key')"; + } + Alert($alert); + } } } } @@ -128,14 +137,14 @@ CrossCheck("bugs", "bug_id", ["keywords", "bug_id"]); CrossCheck("profiles", "userid", - ["bugs", "reporter"], - ["bugs", "assigned_to"], - ["bugs", "qa_contact", 0], - ["attachments", "submitter_id"], - ["bugs_activity", "who"], - ["cc", "who"], - ["votes", "who"], - ["longdescs", "who"], + ["bugs", "reporter", "bug_id"], + ["bugs", "assigned_to", "bug_id"], + ["bugs", "qa_contact", "bug_id", ["0"]], + ["attachments", "submitter_id", "bug_id"], + ["bugs_activity", "who", "bug_id"], + ["cc", "who", "bug_id"], + ["votes", "who", "bug_id"], + ["longdescs", "who", "bug_id"], ["namedqueries", "userid"]); @@ -237,9 +246,9 @@ foreach my $ref (@checklist) { Status("Checking profile logins"); my $emailregexp = Param("emailregexp"); - +$emailregexp =~ s/'/\\'/g; SendSQL("SELECT userid, login_name FROM profiles " . - "WHERE login_name NOT REGEXP " . SqlQuote($emailregexp)); + "WHERE login_name NOT REGEXP '" . $emailregexp . "'"); while (my ($id,$email) = (FetchSQLData())) { -- cgit v1.2.3-24-g4f1b