From: Frédéric Buclin <LpSolit@gmail.com>
Date: Tue, 15 Mar 2016 16:11:52 +0000 (+0100)
Subject: Bug 1253267: Possible DOT injection vulnerability in dependency graphs if long bug... 
X-Git-Tag: release-5.0.3~18
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=1c5ecdf1c8d11dbd47f1361bc11565d1175c81bd;p=thirdparty%2Fbugzilla.git

Bug 1253267: Possible DOT injection vulnerability in dependency graphs if long bug summaries are wrapped
r/a=dkl
---

diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi
index 476df1e8eb..6d4cb1e71b 100755
--- a/showdependencygraph.cgi
+++ b/showdependencygraph.cgi
@@ -198,6 +198,9 @@ foreach my $k (@bug_ids) {
             utf8::encode($summary) if utf8::is_utf8($summary);
         }
         $summary =~ s/([\\\"])/\\$1/g;
+        # Newlines must be escaped too, to not break the .map file
+        # and to prevent code injection.
+        $summary =~ s/\n/\\n/g;
         push(@params, qq{label="$k\\n$summary"});
     }