author | lpsolit%gmail.com <> | 2009-01-04 23:15:28 +0000 |
---|---|---|
committer | lpsolit%gmail.com <> | 2009-01-04 23:15:28 +0000 |
commit | a8cc91bfe25645ff5d83d1732109533688872196 (patch) | |
tree | 830e43739ada756f5b43192a2af3ad50a6835271 /Bugzilla/Classification.pm | |
parent | 19d1f1c324a35bd44689cde98752275f518082e2 (diff) | |
Bug 471866: Classification name length and sortkey max value not validated - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=LpSolit
Diffstat (limited to 'Bugzilla/Classification.pm')
-rw-r--r-- | Bugzilla/Classification.pm | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/Bugzilla/Classification.pm b/Bugzilla/Classification.pm
index 7c362bc45..a7f59b4bb 100644
--- a/Bugzilla/Classification.pm
+++ b/Bugzilla/Classification.pm
@@ -19,6 +19,7 @@ use strict;
 package Bugzilla::Classification;
+use Bugzilla::Constants;
 use Bugzilla::Util;
 use Bugzilla::Error;
 use Bugzilla::Product;
@@ -85,6 +86,10 @@ sub _check_name {
 $name = trim($name);
 $name || ThrowUserError('classification_not_specified');
+ if (length($name) > MAX_CLASSIFICATION_SIZE) {
+ ThrowUserError('classification_name_too_long', {'name' => $name});
+ }
+
 my $classification = new Bugzilla::Classification({name => $name});
 if ($classification && (!ref $invocant || $classification->id != $invocant->id)) {
 ThrowUserError("classification_already_exists", { name => $classification->name });
@@ -104,9 +109,9 @@ sub _check_sortkey {
 $sortkey ||= 0;
 my $stored_sortkey = $sortkey;
- detaint_natural($sortkey)
- || ThrowUserError('classification_invalid_sortkey', { 'sortkey' => $stored_sortkey });
-
+ if (!detaint_natural($sortkey) || $sortkey > MAX_SMALLINT) {
+ ThrowUserError('classification_invalid_sortkey', { 'sortkey' => $stored_sortkey });
+ }
 return $sortkey;
 } |
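Review bot: The added length check in `_check_name` uses `length($name)`, which counts characters only if the string was decoded before it reached this validator and counts bytes otherwise, so whether `MAX_CLASSIFICATION_SIZE` matches the database column width depends on code outside this hunk. A one-line comment above the check would record the intent, for example `# Must match the width of the name column; length() is expected to count characters here.`, once that is confirmed against the input decoding. The rejected value is also handed back as `{'name' => $name}`, so the `classification_name_too_long` template, which is not part of this diff, needs to HTML-escape it, since it will render an arbitrarily long user-supplied string. `_check_name` begins and ends outside the hunk.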
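Review bot: The range test `$sortkey > MAX_SMALLINT` in `_check_sortkey` is only safe because `!detaint_natural($sortkey)` is evaluated first and short-circuits on non-numeric input; that ordering is easy to break in a later edit and deserves a comment such as `# Range check must follow detaint_natural(): only a validated natural number is compared.` Both failure modes raise `classification_invalid_sortkey`, so unless that message (not shown here) states the maximum, a user who enters a too-large number gets no hint about the limit. The first lines of `_check_sortkey` are outside the hunk.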