login_to_id does not detaint data.

2007-05-07 15:51:44 +00:00 · 2007-05-07 15:51:44 +00:00 · 20eb9ea6ac
--- a/webtools/testopia/Bugzilla/Testopia/Search.pm
+++ b/webtools/testopia/Bugzilla/Testopia/Search.pm
@ -1048,6 +1048,7 @@ sub init {
                    $name = trim($name);
                    if ($name) {
                        login_to_id($name);
+                        trick_taint($name);
                    }
                }
            }
--- a/webtools/testopia/tr_list_caseruns.cgi
+++ b/webtools/testopia/tr_list_caseruns.cgi
@ -131,6 +131,7 @@ if ($action eq 'Commit'){
           ThrowUserError("invalid_username", { name => $cgi->param('assignee') });
        }
        detaint_natural($status);
+        trick_taint($assignee);
        
        $caserun->set_status($status)     if ($caserun->status_id != $status);
        $caserun->set_assignee($assignee) if ($caserun->assignee->id != $assignee);
--- a/webtools/testopia/tr_list_cases.cgi
+++ b/webtools/testopia/tr_list_cases.cgi
@ -131,6 +131,7 @@ if ($action eq 'Commit'){
        trick_taint($requirement) if $requirement;
        trick_taint($arguments) if $arguments;
        trick_taint($script) if $script;
+        trick_taint($tester);
        
        detaint_natural($status);
        detaint_natural($priority);
--- a/webtools/testopia/tr_list_runs.cgi
+++ b/webtools/testopia/tr_list_runs.cgi
@ -94,6 +94,7 @@ if ($action eq 'Commit'){
            next;
        }
        my $manager = login_to_id(trim($cgi->param('manager')));
+        trick_taint($manager);
        if ($cgi->param('manager') && !$manager){
            print $cgi->multipart_end if $serverpush;
            ThrowUserError("invalid_username", { name => $cgi->param('manager') }) if $cgi->param('manager');
--- a/webtools/testopia/tr_new_case.cgi
+++ b/webtools/testopia/tr_new_case.cgi
@ -123,6 +123,7 @@ if ($action eq 'Add'){
    trick_taint($tcsetup);
    trick_taint($tcbreakdown);
    trick_taint($tcblocks);
+    trick_taint($tester);
    
    validate_selection($category, 'category_id', 'test_case_categories');
    validate_selection($status, 'case_status_id', 'test_case_status');
--- a/webtools/testopia/tr_new_run.cgi
+++ b/webtools/testopia/tr_new_run.cgi
@ -110,7 +110,7 @@ if ($action eq 'Add'){
    trick_taint($summary);
    trick_taint($notes);
    trick_taint($prodver);
-    
+    trick_taint($manager);
    
    if ($cgi->param('new_build')){
        my $new_build   = $cgi->param('new_build');
--- a/webtools/testopia/tr_plan_access.cgi
+++ b/webtools/testopia/tr_plan_access.cgi
@ -76,6 +76,7 @@ elsif ($action eq 'Add User'){
    $perms |= TR_READ | TR_WRITE | TR_DELETE | TR_ADMIN  if $cgi->param("na");
    
    detaint_natural($perms);
+    trick_taint($userid);
    $plan->add_tester($userid, $perms); 

    display();
--- a/webtools/testopia/tr_show_case.cgi
+++ b/webtools/testopia/tr_show_case.cgi
@ -386,6 +386,7 @@ sub do_update{
    trick_taint($newtcsetup);
    trick_taint($tcdependson);
    trick_taint($tcblocks);
+    trick_taint($tester);

    validate_selection($category, 'category_id', 'test_case_categories');
    validate_selection($status, 'case_status_id', 'test_case_status');
--- a/webtools/testopia/tr_show_caserun.cgi
+++ b/webtools/testopia/tr_show_caserun.cgi
@ -263,6 +263,7 @@ elsif ($action eq 'update_assignee'){
        print "Error - Invalid assignee";
        exit;
    }
+    trick_taint($assignee_id);
    $caserun->set_assignee($assignee_id);
 }
 elsif ($action eq 'update_sortkey'){
@ -362,6 +363,7 @@ sub do_update {
    detaint_natural($build);
    detaint_natural($status);
    trick_taint($notes);
+    trick_taint($assignee);

    # Switch to the record representing this build and environment combo.
    # If there is not one, it will create it and switch to that.
--- a/webtools/testopia/tr_show_run.cgi
+++ b/webtools/testopia/tr_show_run.cgi
@ -273,6 +273,7 @@ elsif ($action eq 'addcc'){
    my %ccids;
    foreach my $email (@cclist){
        my $ccid = login_to_id($email) || ThrowUserError("invalid_username", { name => $email });
+        trick_taint($ccid);
        if ($ccid && !$ccids{$ccid}) {
           $ccids{$ccid} = 1;
        }
@ -383,6 +384,7 @@ sub do_update {
    trick_taint($summary);
    trick_taint($planver);
    trick_taint($notes);
+    trick_taint($manager);
    
    detaint_natural($build);
    detaint_natural($env);
--- a/webtools/testopia/tr_tags.cgi
+++ b/webtools/testopia/tr_tags.cgi
@ -154,6 +154,7 @@ sub display {
    my $dbh = Bugzilla->dbh;
    my @tags;
    my $user = login_to_id($cgi->param('user')) if $cgi->param('user');
+    trick_taint($user);
    
    if ($cgi->param('action') eq 'show_all' && Bugzilla->user->in_group('admin')){
        my $tags = $dbh->selectcol_arrayref(