From: jouni%heikniemi.net <>
Date: Sun, 23 May 2004 14:22:32 +0000 (+0000)
Subject: Bug 141006: Run edit*.cgis in taint mode.
X-Git-Tag: bugzilla-2.18rc1~57
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=39e9e3e67ce70d2fa7fefe947a6592f2541ba6ef;p=thirdparty%2Fbugzilla.git

Bug 141006: Run edit*.cgis in taint mode.
Patch by byron jones <bugzilla@glob.com.au>
r=jouni, a=justdave
---

diff --git a/editcomponents.cgi b/editcomponents.cgi
index f570366652..4c00050fa1 100755
--- a/editcomponents.cgi
+++ b/editcomponents.cgi
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl -wT
 # -*- Mode: perl; indent-tabs-mode: nil -*-
 #
 # The contents of this file are subject to the Mozilla Public
diff --git a/editmilestones.cgi b/editmilestones.cgi
index e5c8844bd2..43cded1eac 100755
--- a/editmilestones.cgi
+++ b/editmilestones.cgi
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl -wT
 # -*- Mode: perl; indent-tabs-mode: nil -*-
 
 #
diff --git a/editparams.cgi b/editparams.cgi
index aaa2b087af..8ffd76a08e 100755
--- a/editparams.cgi
+++ b/editparams.cgi
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl -wT
 # -*- Mode: perl; indent-tabs-mode: nil -*-
 #
 # The contents of this file are subject to the Mozilla Public
diff --git a/editproducts.cgi b/editproducts.cgi
index 79fed44115..4fa2cb43df 100755
--- a/editproducts.cgi
+++ b/editproducts.cgi
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl -wT
 # -*- Mode: perl; indent-tabs-mode: nil -*-
 #
 # The contents of this file are subject to the Mozilla Public
diff --git a/editusers.cgi b/editusers.cgi
index aa760b1e1e..abe4b6194e 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl -wT
 # -*- Mode: perl; indent-tabs-mode: nil -*-
 #
 # The contents of this file are subject to the Mozilla Public
diff --git a/editversions.cgi b/editversions.cgi
index 43fe457112..a3a2e2cc5b 100755
--- a/editversions.cgi
+++ b/editversions.cgi
@@ -1,4 +1,4 @@
-#!/usr/bin/perl -w
+#!/usr/bin/perl -wT
 # -*- Mode: perl; indent-tabs-mode: nil -*-
 #
 # The contents of this file are subject to the Mozilla Public
diff --git a/t/002goodperl.t b/t/002goodperl.t
index 1cfb6a06f2..92a01fc2d1 100644
--- a/t/002goodperl.t
+++ b/t/002goodperl.t
@@ -59,13 +59,8 @@ foreach my $file (@testitems) {
             ok(0, "$file is a module, but has a shebang");
             next;
         } elsif ($ext eq "cgi") {
-            # cgi files must be taint checked, but only the user-accessible
-            # ones have been checked so far
-            if ($file =~ m/^edit/) {
-                $flags = "w";
-            } else {
-                $flags = "wT";
-            }
+            # cgi files must be taint checked
+            $flags = "wT";
         } else {
             ok(0, "$file has shebang but unknown extension");
             next;