From: Byron Jones
Date: Tue, 2 Nov 2010 23:20:21 +0000 (+0100)
Subject: Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to non-random...
X-Git-Tag: bugzilla-4.0rc1~1
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=81f1b8ab82fa5e2288ff80a0c2295381196adf37;p=thirdparty%2Fbugzilla.git
Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to non-random multipart/x-mixed-replace boundary r=mkanat a=LpSolit
---
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm
index 6b60095170..1dfca0a604 100644
--- a/Bugzilla/CGI.pm
+++ b/Bugzilla/CGI.pm
@@ -225,7 +225,8 @@ sub multipart_init {
 }
 # Set the MIME boundary and content-type
- my $boundary = $param{'-boundary'} || '------- =_aaaaaaaaaa0';
+ my $boundary = $param{'-boundary'}
+ || '------- =_' . generate_random_password(16);
 delete $param{'-boundary'};
 $self->{'separator'} = "\r\n--$boundary\r\n";
 $self->{'final_separator'} = "\r\n--$boundary--\r\n";
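Review bot: The `$param{'-boundary'}` override on the new `my $boundary` line is still used as given, so only the default is randomized and a caller that passes a fixed string gets a predictable boundary again. I would record the requirement above the assignment, e.g. `# Boundary must be unpredictable: part bodies may carry user-influenced text, and a guessable boundary lets that text end the part. Callers passing -boundary must meet the same bar.` The hunk does not show where `generate_random_password` is imported into Bugzilla::CGI or which random source it draws from; both are worth confirming, since the fix is only as strong as that generator. multipart_init starts and ends outside the hunk.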