MIN_SMALLINT
MAX_SMALLINT
+ MAX_INT_32
MAX_LEN_QUERY_NAME
MAX_CLASSIFICATION_SIZE
use constant MIN_SMALLINT => -32768;
use constant MAX_SMALLINT => 32767;
+use constant MAX_INT_32 => 2147483647;
# The longest that a saved search name can be.
use constant MAX_LEN_QUERY_NAME => 64;
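Review bot: `MAX_INT_32` is added without a comment, while the neighbouring `MAX_LEN_QUERY_NAME` has one. Since the other hunks use it as an upper bound on ids before they are bound into queries, I would add `# Largest signed 32-bit integer; ids above this are rejected before reaching the database.` above the new line.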
|| ThrowCodeError('param_must_be_numeric',
{function => $class . '::_init'});
+ # Too large integers make PostgreSQL crash.
+ return if $id > MAX_INT_32;
+
$object = $dbh->selectrow_hashref(qq{
SELECT $columns FROM $table
WHERE $id_field = ?}, undef, $id);
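Review bot: The guard `return if $id > MAX_INT_32;` assumes every class's `$id_field` is a 32-bit column. The constants hunk also defines `MAX_SMALLINT`, so if any subclass keys on a narrower column, an id between the two limits would presumably still reach the database and fail the same way; this is worth confirming against the schema. The comment would be more useful if it said what the early return means to callers, e.g. `# Ids above the 32-bit range cannot exist and PostgreSQL errors out on them, so treat them as not found.` The same applies to `next if $id > MAX_INT_32;` in the `new_from_list` hunk, where the id is dropped from the list silently. Both functions start and end outside their hunks.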
detaint_natural($id) ||
ThrowCodeError('param_must_be_numeric',
{function => $class . '::new_from_list'});
+ # Too large integers make PostgreSQL crash.
+ next if $id > MAX_INT_32;
push(@detainted_ids, $id);
}
# We don't do $invocant->match because some classes have
my ($attachid, $link_text) = @_;
my $dbh = Bugzilla->dbh;
- detaint_natural($attachid)
- || die "get_attachment_link() called with non-integer attachment number";
+ (detaint_natural($attachid) && $attachid <= MAX_INT_32)
+ || return $link_text;
my ($bugid, $isobsolete, $desc) =
$dbh->selectrow_array('SELECT bug_id, isobsolete, description
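Review bot: The rewritten guard `(detaint_natural($attachid) && $attachid <= MAX_INT_32) || return $link_text;` no longer dies on a non-integer attachment number, so a caller bug that used to fail loudly now silently yields the plain text. If only the out-of-range case should be tolerated, keep the original `die` and add a separate `return $link_text if $attachid > MAX_INT_32;` after it. The early return also hands `$link_text` back unchanged, while the normal path presumably emits markup, so it is worth confirming that callers have already HTML-escaped it. The same question applies to the new return in the `$bug_num` hunk below. The function body continues outside the hunk.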
}
my $quote_bug_num = html_quote($bug_num);
detaint_natural($bug_num) || return "<invalid bug number: $quote_bug_num>";
+ ($bug_num <= MAX_INT_32) || return $link_text;
my ($bug_alias, $bug_state, $bug_res, $bug_desc) =
$dbh->selectrow_array('SELECT bugs.alias, bugs.bug_status, bugs.resolution, bugs.short_desc
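Review bot: The new check `($bug_num <= MAX_INT_32) || return $link_text;` has no comment and handles rejection differently from the line above it, which returns an explicit `<invalid bug number: …>` marker. If leaving the text unlinked is the intended result, say so with `# Out-of-range ids cannot exist; return the text unlinked rather than query.` The postfix form used in the `_init` hunk, `return $link_text if $bug_num > MAX_INT_32;`, would also read more directly. The enclosing function starts and ends outside the hunk.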