Bug 471866: Classification name length and sortkey max value not validated - Patch...

diff --git a/Bugzilla/Classification.pm b/Bugzilla/Classification.pm
index 7c362bc45f6b937aa76e0697c2a33b4840671619..a7f59b4bbab5314b8a874274c19df018c9e756c3 100644 (file)
--- a/Bugzilla/Classification.pm
+++ b/Bugzilla/Classification.pm
@@ -19,6 +19,7 @@ use strict;
 
 package Bugzilla::Classification;
 
+use Bugzilla::Constants;
 use Bugzilla::Util;
 use Bugzilla::Error;
 use Bugzilla::Product;
@@ -85,6 +86,10 @@ sub _check_name {
     $name = trim($name);
     $name || ThrowUserError('classification_not_specified');
 
+    if (length($name) > MAX_CLASSIFICATION_SIZE) {
+        ThrowUserError('classification_name_too_long', {'name' => $name});
+    }
+
     my $classification = new Bugzilla::Classification({name => $name});
     if ($classification && (!ref $invocant || $classification->id != $invocant->id)) {
         ThrowUserError("classification_already_exists", { name => $classification->name });
@@ -104,9 +109,9 @@ sub _check_sortkey {
 
     $sortkey ||= 0;
     my $stored_sortkey = $sortkey;
-    detaint_natural($sortkey)
-      || ThrowUserError('classification_invalid_sortkey', { 'sortkey' => $stored_sortkey });
-
+    if (!detaint_natural($sortkey) || $sortkey > MAX_SMALLINT) {
+        ThrowUserError('classification_invalid_sortkey', { 'sortkey' => $stored_sortkey });
+    }
     return $sortkey;
 }
 

diff --git a/Bugzilla/Constants.pm b/Bugzilla/Constants.pm
index f191f70d4531512c0a87f7fa7fff57681329a4b6..608e3a9d254a29d92109a8cd39753953dac0644e 100644 (file)
--- a/Bugzilla/Constants.pm
+++ b/Bugzilla/Constants.pm
@@ -149,6 +149,7 @@ use File::Basename;
     MAX_SMALLINT
 
     MAX_LEN_QUERY_NAME
+    MAX_CLASSIFICATION_SIZE
     MAX_PRODUCT_SIZE
     MAX_MILESTONE_SIZE
     MAX_COMPONENT_SIZE
@@ -425,6 +426,9 @@ use constant MAX_SMALLINT => 32767;
 # The longest that a saved search name can be.
 use constant MAX_LEN_QUERY_NAME => 64;
 
+# The longest classification name allowed.
+use constant MAX_CLASSIFICATION_SIZE => 64;
+
 # The longest product name allowed.
 use constant MAX_PRODUCT_SIZE => 64;
 

diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index b072d2bbd8ddb8053327da1cd73e29e830b9661e..191f6eebd9ca04f29e20080f460e8437612743ec 100644 (file)
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -263,7 +263,12 @@
     [% title = "Classification Not Enabled" %]
     Sorry, classification is not enabled.
 
-  [% ELSIF error == "classification_not_specified" %]
+  [% ELSIF error == "classification_name_too_long" %]
+    [% title = "Classification Name Too Long" %]
+    The name of a classification is limited to [% constants.MAX_CLASSIFICATION_SIZE FILTER html %]
+    characters. '[% name FILTER html %]' is too long ([% name.length %] characters).
+
+[% ELSIF error == "classification_not_specified" %]
     [% title = "You Must Supply A Classification Name" %]
     You must enter a classification name.
 
@@ -273,8 +278,8 @@
 
   [% ELSIF error == "classification_invalid_sortkey" %]
     [% title = "Invalid Sortkey for Classification" %]
-    The sortkey <em>[% sortkey FILTER html %]</em> is invalid.
-    It must be a positive integer.
+    The sortkey '[% sortkey FILTER html %]' is invalid. It must be an
+    integer between 0 and [% constants.MAX_SMALLINT FILTER html %].
 
   [% ELSIF error == "classification_not_deletable" %]
     [% title = "Default Classification Can Not Be Deleted" %]