From: Frédéric Buclin
Date: Thu, 4 Aug 2011 20:53:52 +0000 (+0200)
Subject: Bug 674497: (CVE-2011-2979) [SECURITY] Custom searches let you determine if a group...
X-Git-Tag: bugzilla-4.1.3~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=af8e935a3e793538b21e5a952e0963e7b9af044e;p=thirdparty%2Fbugzilla.git

Bug 674497: (CVE-2011-2979) [SECURITY] Custom searches let you determine if a group exists or not r=glob a=LpSolit
---
diff --git a/Bugzilla/Search.pm b/Bugzilla/Search.pm
index 16e72b2960..a5c3e032da 100644
--- a/Bugzilla/Search.pm
+++ b/Bugzilla/Search.pm
@@ -2007,7 +2007,7 @@ sub _contact_exact_group {
 my $user = $self->_user;
 $value =~ /\%group\.([^%]+)%/;
- my $group = Bugzilla::Group->check($1);
+ my $group = Bugzilla::Group->check({ name => $1, _error => 'invalid_group_name' });
 $group->check_members_are_visible();
 $user->in_group($group) || ThrowUserError('invalid_group_name', {name => $group->name});
@@ -2054,7 +2054,7 @@ sub _cc_exact_group {
 my $dbh = Bugzilla->dbh;
 $value =~ m/%group\.([^%]+)%/;
- my $group = Bugzilla::Group->check($1);
+ my $group = Bugzilla::Group->check({ name => $1, _error => 'invalid_group_name' });
 $group->check_members_are_visible();
 $user->in_group($group) || ThrowUserError('invalid_group_name', {name => $group->name});
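Review bot: The group-existence oracle looks only partly closed in both hunks (`_contact_exact_group` and `_cc_exact_group`): `$group->check_members_are_visible()` still runs before the `in_group` test, so if it throws anything other than `invalid_group_name` (its body is not in this diff), a non-member can still tell an existing group from a missing one. The membership failure also echoes `$group->name` instead of the text the user typed, which would differ for an existing group if the lookup normalises the name, and `$1` is read without checking that the match succeeded. I would capture the name into a lexical, test membership first with the user's own string in the error, and only then run the visibility check, as sketched below. Both sub bodies start and end outside the hunks, so the surrounding lines are assumed unchanged.

```perl
    # Keep the user's own string: neither a stale $1 nor the stored group name should reach the error.
    my ($group_name) = $value =~ /\%group\.([^%]+)%/;
    my $group = Bugzilla::Group->check({ name => $group_name, _error => 'invalid_group_name' });
    # Same error as for a missing group, raised before any check that could answer differently.
    $user->in_group($group)
      || ThrowUserError('invalid_group_name', { name => $group_name });
    # The user is a member at this point, so a visibility error reveals nothing new.
    $group->check_members_are_visible();
```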