From: Max Kanat-Alexander
Date: Thu, 24 Jun 2010 17:10:36 +0000 (-0700)
Subject: Bug 309952: (CVE-2010-1204) [SECURITY] Protect boolean chart searches for
X-Git-Tag: bugzilla-3.2.7~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6d4be44ecf30f5448ef567cf5d947f3edd97581a;p=thirdparty%2Fbugzilla.git

Bug 309952: (CVE-2010-1204) [SECURITY] Protect boolean chart searches for time-tracking fields from being used by users who are not in the timetrackinggroup.
r=LpSolit, a=mkanat
---
diff --git a/Bugzilla/Search.pm b/Bugzilla/Search.pm
index 499cc071f9..c489a9b7b6 100644
--- a/Bugzilla/Search.pm
+++ b/Bugzilla/Search.pm
@@ -638,6 +638,14 @@ sub init {
     %chartfields = @{$dbh->selectcol_arrayref(
         q{SELECT name, id FROM fielddefs}, { Columns=>[1,2] })};
 
+    if (!$user->in_group(Bugzilla->params->{'timetrackinggroup'})) {
+        foreach my $tt_field (qw(estimated_time remaining_time work_time
+                                 actual_time percentage_complete deadline))
+        {
+            delete $chartfields{$tt_field};
+        }
+    }
+
     $row = 0;
     for ($chart=-1 ;
          $chart < 0 || $params->param("field$chart-0-0") ;
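Review bot: The six time-tracking field names are listed inline in the new `foreach` with no explanation of why they are removed, and any other place in the project that enumerates the same fields now has to be kept in sync by hand; a comment above the `if`, such as `# Users outside timetrackinggroup must not query time-tracking fields, even via the boolean charts; drop them from the field map so later lookups fail closed.`, would record the intent, and hoisting the list into a shared constant (a `TIMETRACKING_FIELDS`-style name, if the project does not already have one) would keep the two in step. The hunk does not show how the chart loop reacts when `$chartfields{$field}` is absent, so whether such a request is rejected or the field is silently ignored should be confirmed in the code that follows. When the `timetrackinggroup` param is unset, `in_group` presumably returns false and the fields are hidden for everyone, which looks intended but is worth stating in the comment. The enclosing `sub init` starts and ends outside this hunk, and `$user` is defined there.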