From: myk%mozilla.org <>
Date: Mon, 11 Mar 2002 15:33:03 +0000 (+0000)
Subject: Fix for bug 72184: prevents users from entering too-large comments/descriptions that... 
X-Git-Tag: bugzilla-2.16rc1~190
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0930c074fa7d8dabed00af2ba39a177a8d00167f;p=thirdparty%2Fbugzilla.git

Fix for bug 72184: prevents users from entering too-large comments/descriptions that get rejected by MySQL's MAX_PACKET_SIZE restrictions.
Patch by Myk Melez <myk@mozilla.org>.
r=bbaetz,gerv
---

diff --git a/CGI.pl b/CGI.pl
index f91cbd6704..0882a967cc 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -324,6 +324,19 @@ sub ValidateBugID {
 
 }
 
+
+sub ValidateComment {
+    # Make sure a comment is not too large (greater than 64K).
+    
+    my ($comment) = @_;
+    
+    if (defined($comment) && length($comment) > 65535) {
+        DisplayError("Comments cannot be longer than 65,535 characters.");
+        exit;
+    }
+}
+
+
 # check and see if a given string actually represents a positive
 # integer, and abort if not.
 # 
diff --git a/attachment.cgi b/attachment.cgi
index 32b4ef4615..66c3236a70 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -77,6 +77,7 @@ elsif ($action eq "insert")
 {
   confirm_login();
   ValidateBugID($::FORM{'bugid'});
+  ValidateComment($::FORM{'comment'});
   validateFilename();
   validateData();
   validateDescription();
@@ -95,6 +96,7 @@ elsif ($action eq "edit")
 elsif ($action eq "update") 
 { 
   confirm_login();
+  ValidateComment($::FORM{'comment'});
   validateID();
   validateCanEdit($::FORM{'id'});
   validateDescription();
diff --git a/post_bug.cgi b/post_bug.cgi
index 0ae44d32fc..58048ef7ea 100755
--- a/post_bug.cgi
+++ b/post_bug.cgi
@@ -49,6 +49,8 @@ sub sillyness {
 
 confirm_login();
 
+ValidateComment($::FORM{'comment'});
+
 my $cookiepath = Param("cookiepath");
 print "Set-Cookie: PLATFORM=$::FORM{'product'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} );
 print "Set-Cookie: VERSION-$::FORM{'product'}=$::FORM{'version'} ; path=$cookiepath ; expires=Sun, 30-Jun-2029 00:00:00 GMT\n" if ( exists $::FORM{'product'} && exists $::FORM{'version'} );
diff --git a/process_bug.cgi b/process_bug.cgi
index f2abb03904..fb3c0e4825 100755
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -92,6 +92,8 @@ if (defined $::FORM{'dup_id'} && $::FORM{'knob'} eq "duplicate") {
     DuplicateUserConfirm();
 }
 
+ValidateComment($::FORM{'comment'});
+
 ######################################################################
 # End Data/Security Validation
 ######################################################################