diff --git a/webtools/testopia/Bugzilla/Testopia/Search.pm b/webtools/testopia/Bugzilla/Testopia/Search.pm
index e554683b764..2c98531ac70 100644
--- a/webtools/testopia/Bugzilla/Testopia/Search.pm
+++ b/webtools/testopia/Bugzilla/Testopia/Search.pm
@@ -1048,6 +1048,7 @@ sub init {
 $name = trim($name);
 if ($name) {
 login_to_id($name);
+ trick_taint($name);
 }
 }
 }
diff --git a/webtools/testopia/tr_list_caseruns.cgi b/webtools/testopia/tr_list_caseruns.cgi
index 0b1e2a86b28..2f6407b1a47 100755
--- a/webtools/testopia/tr_list_caseruns.cgi
+++ b/webtools/testopia/tr_list_caseruns.cgi
@@ -131,6 +131,7 @@ if ($action eq 'Commit'){
 ThrowUserError("invalid_username", { name => $cgi->param('assignee') });
 }
 detaint_natural($status);
+ trick_taint($assignee);
 $caserun->set_status($status) if ($caserun->status_id != $status);
 $caserun->set_assignee($assignee) if ($caserun->assignee->id != $assignee);
diff --git a/webtools/testopia/tr_list_cases.cgi b/webtools/testopia/tr_list_cases.cgi
index feccbd8177a..affdff41a0b 100755
--- a/webtools/testopia/tr_list_cases.cgi
+++ b/webtools/testopia/tr_list_cases.cgi
@@ -131,6 +131,7 @@ if ($action eq 'Commit'){
 trick_taint($requirement) if $requirement;
 trick_taint($arguments) if $arguments;
 trick_taint($script) if $script;
+ trick_taint($tester);
 detaint_natural($status);
 detaint_natural($priority);
diff --git a/webtools/testopia/tr_list_runs.cgi b/webtools/testopia/tr_list_runs.cgi
index c2e69b86f29..7e7d8d45c0e 100755
--- a/webtools/testopia/tr_list_runs.cgi
+++ b/webtools/testopia/tr_list_runs.cgi
@@ -94,6 +94,7 @@ if ($action eq 'Commit'){
 next;
 }
 my $manager = login_to_id(trim($cgi->param('manager')));
+ trick_taint($manager);
 if ($cgi->param('manager') && !$manager){
 print $cgi->multipart_end if $serverpush;
 ThrowUserError("invalid_username", { name => $cgi->param('manager') }) if $cgi->param('manager');
diff --git a/webtools/testopia/tr_new_case.cgi b/webtools/testopia/tr_new_case.cgi
index 555c2d078e0..2e757b48898 100755
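Review bot: `trick_taint($name)` on the added line untaints the raw login string rather than anything login_to_id resolved, because the return value of `login_to_id($name)` on the line before is discarded — a login that does not resolve leaves `$name` untouched but now marked safe. If only resolvable logins are meant to pass, keep the id and check it, e.g. `my $id = login_to_id($name);` followed by `ThrowUserError("invalid_username", { name => $name }) unless $id;` ahead of the untaint; at minimum tie the untaint to the lookup, `trick_taint($name) if login_to_id($name);`. Whether `$name` is later used as a login string or replaced by the id is not visible here; `sub init` starts and ends outside the hunk.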
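Review bot: `trick_taint($assignee)` on the added line certifies the value as safe without checking it, while `detaint_natural($status)` on the line before only untaints when the value is a natural number. `$assignee` appears to be the user id resolved via login_to_id (the ThrowUserError branch above refers to `$cgi->param('assignee')`), is compared with `!=` and passed to `set_assignee` on the following lines, so `detaint_natural($assignee);` gives the same result for a real id and refuses anything else. The same blanket untaint of a resolved user id is added in tr_list_cases, tr_list_runs, tr_new_case, tr_new_run, tr_plan_access, tr_show_case, tr_show_caserun (both hunks), tr_show_run (both hunks) and tr_tags; tr_plan_access even pairs it with `detaint_natural($perms)` on the preceding line. The enclosing `if ($action eq 'Commit')` block starts and ends outside the hunk.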
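Review bot: `trick_taint($tester)` on the added line is the only untaint in this run without the `if $var` guard the three lines above it carry, so an unset tester reaches trick_taint as undef or an empty string; where `$tester` is assigned, and whether a tester is optional here, is outside the hunk, but if trick_taint rejects undef (Bugzilla::Util's implementation does so in releases I know of) an optional field becomes a crash. Matching the neighbours with `trick_taint($tester) if $tester;` limits the untaint to the case where a tester was actually resolved. The enclosing `if ($action eq 'Commit')` block starts and ends outside the hunk.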
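Review bot: `trick_taint($manager)` on the added line runs before the `if ($cgi->param('manager') && !$manager)` check on the next line decides whether the manager is valid, so the value is certified safe first and validated second. Move the untaint after that `if` block (whose body continues outside the hunk), and since `$manager` is the id returned by login_to_id, `detaint_natural($manager);` there would also fail closed on anything that is not a number. When no manager parameter is sent, `login_to_id(trim(undef))` presumably returns 0 and the untaint sees a defined value, but that depends on login_to_id's behaviour for an empty login, which is not on the page.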
--- a/webtools/testopia/tr_new_case.cgi
+++ b/webtools/testopia/tr_new_case.cgi
@@ -123,6 +123,7 @@ if ($action eq 'Add'){
 trick_taint($tcsetup);
 trick_taint($tcbreakdown);
 trick_taint($tcblocks);
+ trick_taint($tester);
 validate_selection($category, 'category_id', 'test_case_categories');
 validate_selection($status, 'case_status_id', 'test_case_status');
diff --git a/webtools/testopia/tr_new_run.cgi b/webtools/testopia/tr_new_run.cgi
index d3d55c097c6..c31fe9ddef7 100755
--- a/webtools/testopia/tr_new_run.cgi
+++ b/webtools/testopia/tr_new_run.cgi
@@ -110,7 +110,7 @@ if ($action eq 'Add'){
 trick_taint($summary);
 trick_taint($notes);
 trick_taint($prodver);
-
+ trick_taint($manager);
 if ($cgi->param('new_build')){
 my $new_build = $cgi->param('new_build');
diff --git a/webtools/testopia/tr_plan_access.cgi b/webtools/testopia/tr_plan_access.cgi
index a9d1c0d62f5..3c66b021836 100644
--- a/webtools/testopia/tr_plan_access.cgi
+++ b/webtools/testopia/tr_plan_access.cgi
@@ -76,6 +76,7 @@ elsif ($action eq 'Add User'){
 $perms |= TR_READ | TR_WRITE | TR_DELETE | TR_ADMIN if $cgi->param("na");
 detaint_natural($perms);
+ trick_taint($userid);
 $plan->add_tester($userid, $perms);
 display();
diff --git a/webtools/testopia/tr_show_case.cgi b/webtools/testopia/tr_show_case.cgi
index 0cb07113278..59c9f69d654 100755
--- a/webtools/testopia/tr_show_case.cgi
+++ b/webtools/testopia/tr_show_case.cgi
@@ -386,6 +386,7 @@ sub do_update{
 trick_taint($newtcsetup);
 trick_taint($tcdependson);
 trick_taint($tcblocks);
+ trick_taint($tester);
 validate_selection($category, 'category_id', 'test_case_categories');
 validate_selection($status, 'case_status_id', 'test_case_status');
diff --git a/webtools/testopia/tr_show_caserun.cgi b/webtools/testopia/tr_show_caserun.cgi
index 9b5db9e290a..cb3fa074131 100755
--- a/webtools/testopia/tr_show_caserun.cgi
+++ b/webtools/testopia/tr_show_caserun.cgi
@@ -263,6 +263,7 @@ elsif ($action eq 'update_assignee'){
 print "Error - Invalid assignee";
 exit;
 }
+ trick_taint($assignee_id);
 $caserun->set_assignee($assignee_id);
 }
 elsif ($action eq 'update_sortkey'){
@@ -362,6 +363,7 @@ sub do_update {
 detaint_natural($build);
 detaint_natural($status);
 trick_taint($notes);
+ trick_taint($assignee);
 # Switch to the record representing this build and environment combo.
 # If there is not one, it will create it and switch to that.
diff --git a/webtools/testopia/tr_show_run.cgi b/webtools/testopia/tr_show_run.cgi
index 9472708aa3e..f131359dec2 100755
--- a/webtools/testopia/tr_show_run.cgi
+++ b/webtools/testopia/tr_show_run.cgi
@@ -273,6 +273,7 @@ elsif ($action eq 'addcc'){
 my %ccids;
 foreach my $email (@cclist){
 my $ccid = login_to_id($email) || ThrowUserError("invalid_username", { name => $email });
+ trick_taint($ccid);
 if ($ccid && !$ccids{$ccid}) {
 $ccids{$ccid} = 1;
 }
@@ -383,6 +384,7 @@ sub do_update {
 trick_taint($summary);
 trick_taint($planver);
 trick_taint($notes);
+ trick_taint($manager);
 detaint_natural($build);
 detaint_natural($env);
diff --git a/webtools/testopia/tr_tags.cgi b/webtools/testopia/tr_tags.cgi
index 311b56a58dc..65facbfd7a6 100755
--- a/webtools/testopia/tr_tags.cgi
+++ b/webtools/testopia/tr_tags.cgi
@@ -154,6 +154,7 @@ sub display {
 my $dbh = Bugzilla->dbh;
 my @tags;
 my $user = login_to_id($cgi->param('user')) if $cgi->param('user');
+ trick_taint($user);
 if ($cgi->param('action') eq 'show_all' && Bugzilla->user->in_group('admin')){
 my $tags = $dbh->selectcol_arrayref(
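Review bot: `trick_taint($user)` on the added line is unconditional while the line before assigns `$user` only `if $cgi->param('user')`, so a request without a user parameter hands trick_taint an undefined `$user`; if trick_taint rejects undef (Bugzilla::Util's implementation does so in releases I know of) the `show_all` branch on the next line is never reached. Mirror the guard with `trick_taint($user) if defined $user;`, or better split the conditional declaration into `my $user;` plus an `if ($cgi->param('user')) { ... }` block that does the lookup and untaint together, since a postfix `if` on a `my` declaration has unspecified behaviour in Perl and can retain a stale value between calls. `sub display` continues outside the hunk.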