[SECURITY] Bug 209376: If you know the email address of someone who has voted on...
authorjustdave%syndicomm.com <>
Mon, 3 Nov 2003 11:39:43 +0000 (11:39 +0000)
committerjustdave%syndicomm.com <>
Mon, 3 Nov 2003 11:39:43 +0000 (11:39 +0000)
Patch by Gervase Markham <gerv@mozilla.org>
r= justdave, bbaetz  a= justdave

votes.cgi

index 7a387e0e16d631f0d07d0a707ee8b4c355ce8a59..f77e1efc8e84b3d49acf5e391bbd260d879d9ebc 100755 (executable)
--- a/votes.cgi
+++ b/votes.cgi
@@ -135,7 +135,7 @@ sub show_user {
     
     my $canedit = 1 if ($name eq $::COOKIE{'Bugzilla_login'});
     
-    SendSQL("LOCK TABLES bugs READ, products READ, votes WRITE,
+    SendSQL("LOCK TABLES bugs READ, products READ, profiles READ, votes WRITE,
              cc AS selectVisible_cc READ");
     
     if ($canedit && $bug_id) {
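Review bot: The added `profiles READ` lock has no comment saying why it is needed, and nothing in this statement reads profiles itself. It appears to exist for the `DBNameToIdAndCheck()` call this commit adds further down in show_user, since a session holding LOCK TABLES can only access the tables it has locked. I would add `# profiles: read by DBNameToIdAndCheck() in the vote loop while these locks are held` above the SendSQL call, so that a later cleanup does not drop the lock and break the visibility check. show_user starts and ends outside this hunk.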
@@ -188,7 +188,9 @@ sub show_user {
             # and they can see there are votes 'missing', but not on what bug
             # they are. This seems a reasonable compromise; the alternative is
             # to lie in the totals.
-            next if !CanSeeBug($id, $who, $usergroupset);            
+            next if !CanSeeBug($id, 
+                               DBNameToIdAndCheck($::COOKIE{'Bugzilla_login'}),
+                               $usergroupset);            
             
             push (@bugs, { id => $id, 
                            summary => $summary,
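Review bot: The viewer's id is resolved with `DBNameToIdAndCheck($::COOKIE{'Bugzilla_login'})` inside the per-bug loop, so the same lookup is repeated for every voted bug and the access-control decision is rebuilt from the cookie on each iteration. Resolve it once before the loop, `my $viewer_id = DBNameToIdAndCheck($::COOKIE{'Bugzilla_login'});`, and call `CanSeeBug($id, $viewer_id, $usergroupset)`. Two things are not visible from this hunk and should be confirmed: what happens when the page is viewed without a login and the cookie is unset (an anonymous viewer should be limited to public bugs, not hit an error path), and that `$usergroupset` is the viewing user's group set and not that of `$who`, since otherwise the disclosure is only half closed. The loop and show_user begin and end outside the hunk.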