Fix for bug 72184: prevents users from entering too-large comments/descriptions that...

author myk%mozilla.org <>

Mon, 11 Mar 2002 15:33:03 +0000 (15:33 +0000)

committer myk%mozilla.org <>

Mon, 11 Mar 2002 15:33:03 +0000 (15:33 +0000)
author myk%mozilla.org <>
Mon, 11 Mar 2002 15:33:03 +0000 (15:33 +0000)
committer myk%mozilla.org <>
Mon, 11 Mar 2002 15:33:03 +0000 (15:33 +0000)
diff --git a/CGI.pl b/CGI.pl

index f91cbd6704440598ccd947ab5d6cca8b7dc65c11..0882a967cc30a997e9d37e989df60829a095b697 100644 (file)
--- a/CGI.pl
+++ b/CGI.pl
@@ -324,6 +324,19 @@ sub ValidateBugID {
  
  }
  
+
+sub ValidateComment {
+    # Make sure a comment is not too large (greater than 64K).
+    
+    my ($comment) = @_;
+    
+    if (defined($comment) && length($comment) > 65535) {
+        DisplayError("Comments cannot be longer than 65,535 characters.");
+        exit;
+    }
+}
+
+
  # check and see if a given string actually represents a positive
  # integer, and abort if not.
  # 
diff --git a/attachment.cgi b/attachment.cgi

index 32b4ef46157e62148d71beab57718fc1004e9d02..66c3236a70df2cd4b62892f3b8a1a0f1a608f339 100755 (executable)
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -77,6 +77,7 @@ elsif ($action eq "insert")
  {
    confirm_login();
    ValidateBugID($::FORM{'bugid'});
+  ValidateComment($::FORM{'comment'});
    validateFilename();
    validateData();
    validateDescription();
@@ -95,6 +96,7 @@ elsif ($action eq "edit")
  elsif ($action eq "update") 
  { 
    confirm_login();
+  ValidateComment($::FORM{'comment'});
    validateID();
    validateCanEdit($::FORM{'id'});
    validateDescription();
diff --git a/post_bug.cgi b/post_bug.cgi

index 0ae44d32fca45567eba83c94f1d04bae06f0caa6..58048ef7ea7b6891badb0bf5d31074b2773f8c01 100755 (executable)
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -49,6 +49,8 @@ sub sillyness {
  
  confirm_login();
  
+ValidateComment($::FORM{'comment'});
+
  my $cookiepath = Param("cookiepath");
  print "Set-Cookie: PLATFORM=$::FORM{'product'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} );
  print "Set-Cookie: VERSION-$::FORM{'product'}=$::FORM{'version'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} && exists $::FORM{'version'} );
diff --git a/process_bug.cgi b/process_bug.cgi

index f2abb039048a5236649ffbbec78512ac02315d5c..fb3c0e48258792edaff665829dfb82f1be90313a 100755 (executable)
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -92,6 +92,8 @@ if (defined $::FORM{'dup_id'} && $::FORM{'knob'} eq "duplicate") {
      DuplicateUserConfirm();
  }
  
+ValidateComment($::FORM{'comment'});
+
  ######################################################################
  # End Data/Security Validation
  ######################################################################
author	myk%mozilla.org <>
	Mon, 11 Mar 2002 15:33:03 +0000 (15:33 +0000)
committer	myk%mozilla.org <>
	Mon, 11 Mar 2002 15:33:03 +0000 (15:33 +0000)
CGI.pl		patch \| blob \| blame \| history
attachment.cgi		patch \| blob \| blame \| history
post_bug.cgi		patch \| blob \| blame \| history
process_bug.cgi		patch \| blob \| blame \| history