Bug 221977: Insecure dependency in require while running with -T switch at Bugzilla...

author jocuri%softhome.net <>

Sun, 19 Oct 2003 05:46:22 +0000 (05:46 +0000)

committer jocuri%softhome.net <>

Sun, 19 Oct 2003 05:46:22 +0000 (05:46 +0000)
author jocuri%softhome.net <>
Sun, 19 Oct 2003 05:46:22 +0000 (05:46 +0000)
committer jocuri%softhome.net <>
Sun, 19 Oct 2003 05:46:22 +0000 (05:46 +0000)
diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm

index 902ae0f0515bc3fcc1db99677e6aa44842c3b057..21d4409604a64bada0c03171d4db824fe52fa809 100644 (file)
--- a/Bugzilla/Auth.pm
+++ b/Bugzilla/Auth.pm
@@ -29,6 +29,12 @@ use Bugzilla::Constants;
  # 'inherit' from the main loginmethod
  BEGIN {
      my $loginmethod = Param("loginmethod");
+    if ($loginmethod =~ /^([A-Za-z0-9_\.\-]+)$/) {
+        $loginmethod = $1;
+    }
+    else {
+        die "Badly-named loginmethod '$loginmethod'";
+    }
      require "Bugzilla/Auth/" . $loginmethod . ".pm";
  
      our @ISA;
author	jocuri%softhome.net <>
	Sun, 19 Oct 2003 05:46:22 +0000 (05:46 +0000)
committer	jocuri%softhome.net <>
	Sun, 19 Oct 2003 05:46:22 +0000 (05:46 +0000)