From: Frédéric Buclin Date: Sat, 6 Feb 2010 18:04:07 +0000 (+0100) Subject: Bug 515568: handle_login() doesn't check $@ after eval X-Git-Tag: bugzilla-3.4.6~23 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b6b15bb96abafec934613904faf5c418c0a05464;p=thirdparty%2Fbugzilla.git Bug 515568: handle_login() doesn't check $@ after eval r/a=mkanat --- diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm index e47beb1f26..4ecb200958 100644 --- a/Bugzilla/WebService/Constants.pm +++ b/Bugzilla/WebService/Constants.pm @@ -112,6 +112,8 @@ use constant WS_ERROR_CODE => { invalid_user_group => 504, user_access_by_id_denied => 505, user_access_by_match_denied => 505, + # Fatal errors (must be negative). + unknown_method => -32601, }; # These are the fallback defaults for errors not in ERROR_CODE. diff --git a/Bugzilla/WebService/Server.pm b/Bugzilla/WebService/Server.pm index dfb9f559a1..ffc54c612a 100644 --- a/Bugzilla/WebService/Server.pm +++ b/Bugzilla/WebService/Server.pm @@ -18,10 +18,12 @@ package Bugzilla::WebService::Server; use strict; use Bugzilla::Util qw(ssl_require_redirect); +use Bugzilla::Error; sub handle_login { my ($self, $class, $method, $full_method) = @_; eval "require $class"; + ThrowCodeError('unknown_method', {method => $full_method}) if $@; return if $class->login_exempt($method); Bugzilla->login(); diff --git a/template/en/default/global/code-error.html.tmpl b/template/en/default/global/code-error.html.tmpl index 626ad50082..4f5ba27f44 100644 --- a/template/en/default/global/code-error.html.tmpl +++ b/template/en/default/global/code-error.html.tmpl @@ -449,6 +449,9 @@ I could not figure out what you wanted to do. [% END %] + [% ELSIF error == "unknown_method" %] + The requested method '[% method FILTER html %]' was not found. + [% ELSIF error == "usage_mode_invalid" %] '[% invalid_usage_mode FILTER html %]' is not a valid usage mode.