Commit af8e935a authored by Frédéric Buclin's avatar Frédéric Buclin

Bug 674497: (CVE-2011-2979) [SECURITY] Custom searches let you determine if a group exists or not

r=glob a=LpSolit
parent 75b2accb
...@@ -2007,7 +2007,7 @@ sub _contact_exact_group { ...@@ -2007,7 +2007,7 @@ sub _contact_exact_group {
my $user = $self->_user; my $user = $self->_user;
$value =~ /\%group\.([^%]+)%/; $value =~ /\%group\.([^%]+)%/;
my $group = Bugzilla::Group->check($1); my $group = Bugzilla::Group->check({ name => $1, _error => 'invalid_group_name' });
$group->check_members_are_visible(); $group->check_members_are_visible();
$user->in_group($group) $user->in_group($group)
|| ThrowUserError('invalid_group_name', {name => $group->name}); || ThrowUserError('invalid_group_name', {name => $group->name});
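Review bot: The new `Bugzilla::Group->check({ name => $1, ... })` call still relies on the unchecked match on the line above it; if `$value` does not contain a `%group.…%` token, `$1` is either undef or left over from an earlier successful match in scope, and the lookup runs on that stale value. Capturing into a named variable and failing on no match keeps the error path uniform with the one this commit is fixing, e.g. `my ($name) = $value =~ /\%group\.([^%]+)%/` followed by `or ThrowUserError('invalid_group_name', {name => $value});` and then `my $group = Bugzilla::Group->check({ name => $name, _error => 'invalid_group_name' });`. The same unchecked match precedes the identical new line in the `_cc_exact_group` hunk below, and the regex there uses a different delimiter style (`m/%group…/` vs `/\%group…/`), so moving the three lines (match, `check`, `check_members_are_visible` plus the `in_group` test) into one private helper would keep the `_error` override from drifting between the two callers. Presumably the `_error` override makes a missing group raise the same user error as a group the user is not a member of, which is what closes the existence oracle; a one-line comment above the call saying so, `# same error as the in_group failure below, so a missing group is indistinguishable from a hidden one`, would record the intent for the next maintainer. `_contact_exact_group` begins before this hunk and continues after it.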
...@@ -2054,7 +2054,7 @@ sub _cc_exact_group { ...@@ -2054,7 +2054,7 @@ sub _cc_exact_group {
my $dbh = Bugzilla->dbh; my $dbh = Bugzilla->dbh;
$value =~ m/%group\.([^%]+)%/; $value =~ m/%group\.([^%]+)%/;
my $group = Bugzilla::Group->check($1); my $group = Bugzilla::Group->check({ name => $1, _error => 'invalid_group_name' });
$group->check_members_are_visible(); $group->check_members_are_visible();
$user->in_group($group) $user->in_group($group)
|| ThrowUserError('invalid_group_name', {name => $group->name}); || ThrowUserError('invalid_group_name', {name => $group->name});