Bug 300831: editwhines.cgi twice uses $1 without checking for regex match - Patch...
authorlpsolit%gmail.com <>
Mon, 22 Aug 2005 03:25:29 +0000 (03:25 +0000)
committerlpsolit%gmail.com <>
Mon, 22 Aug 2005 03:25:29 +0000 (03:25 +0000)
editwhines.cgi

index 1f5c954f3994b91f6d7aeca42898515dd042de04..f7e773fcc78f940c688f1a908194188c999f14fb 100755 (executable)
@@ -237,19 +237,26 @@ if ($cgi->param('update')) {
                         if ($mailto_type == MAILTO_USER) {
                             # detaint
                             my $emailregexp = Param('emailregexp');
-                            $mailto =~ /($emailregexp)/;
-                            $mailto =~ $1;
-                            $mailto_id = login_to_id($mailto);
+                            if ($mailto =~ /($emailregexp)/) {
+                                $mailto_id = login_to_id($1);
+                            }
+                            else {
+                                ThrowUserError("illegal_email_address", 
+                                               { addr => $mailto });
+                            }
                         }
                         elsif ($mailto_type == MAILTO_GROUP) {
                             # detaint the group parameter
-                            $mailto =~ /^([0-9a-z_\-\.]+)/i;
-                            my $group = $1;
-
-                            $mailto_id = Bugzilla::Group::ValidateGroupName(
-                                $group, ($user));
-                            $mailto_id || ThrowUserError(
-                                'invalid_group_name', {name => $group});
+                            if ($mailto =~ /^([0-9a-z_\-\.]+)$/i) {
+                                $mailto_id = Bugzilla::Group::ValidateGroupName(
+                                                 $1, ($user)) || 
+                                             ThrowUserError(
+                                                 'invalid_group_name', 
+                                                 { name => $1 });
+                            } else {
+                                ThrowUserError('invalid_group_name',
+                                               { name => $mailto });
+                            }
                         }
                         else {
                             # bad value, so it will just mail to the whine
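Review bot: In the MAILTO_USER branch the result of `login_to_id($1)` is stored unchecked, whereas the MAILTO_GROUP branch throws when `ValidateGroupName` returns a false value. Unless `login_to_id` itself throws on an unknown login, or code outside this hunk validates `$mailto_id`, an address that matches the pattern but belongs to no account continues with an empty id, so the user branch should fail the same way the group branch does. Both branches also pass `$1` straight into a call; because `@_` aliases its arguments, a regex match inside the callee can change the value before it is read, and copying it first (`my $group = $1;`, as the removed code did) avoids that. The group pattern is now anchored with `$`, but `/($emailregexp)/` is anchored only if the configured parameter is, so `$1` may be a substring of `$mailto` there; a comment next to `# detaint` stating that assumption would help. The enclosing `if ($cgi->param('update'))` block starts and ends outside the hunk.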