From ed68872c4207f4b879fcdbfc15b38a7085a3c03b Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Wed, 19 Oct 2005 00:48:07 +0000
Subject: [PATCH] =?utf8?q?Bug=20302936:=20Reject=20the=20requestee=20if=20?=
 =?utf8?q?he=20cannot=20access=20private=20attachments=20-=20Patch=20by=20?=
 =?utf8?q?Fr=C3=A9d=C3=A9ric=20Buclin=20<LpSolit@gmail.com>=20r=3Djouni=20?=
 =?utf8?q?a=3Djustdave?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 Bugzilla/Flag.pm     | 5 ++++-
 Bugzilla/FlagType.pm | 3 +++
 attachment.cgi       | 8 ++++----
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/Bugzilla/Flag.pm b/Bugzilla/Flag.pm
index 65636d78c3..9c8a857f70 100644
--- a/Bugzilla/Flag.pm
+++ b/Bugzilla/Flag.pm
@@ -228,10 +228,13 @@ sub count {
 
 =over
 
-=item C<validate($cgi, $bug_id)>
+=item C<validate($cgi, $bug_id, $attach_id)>
 
 Validates fields containing flag modifications.
 
+If the attachment is new, it has no ID yet and $attach_id is set
+to -1 to force its check anyway.
+
 =back
 
 =cut
diff --git a/Bugzilla/FlagType.pm b/Bugzilla/FlagType.pm
index 49c9f777e8..49620e3327 100644
--- a/Bugzilla/FlagType.pm
+++ b/Bugzilla/FlagType.pm
@@ -321,6 +321,9 @@ to extract flag type IDs from form field names by matching columns
 whose name looks like "flag_type-nnn", where "nnn" is the ID,
 and returning just the ID portion of matching field names.
 
+If the attachment is new, it has no ID yet and $attach_id is set
+to -1 to force its check anyway.
+
 =back
 
 =cut
diff --git a/attachment.cgi b/attachment.cgi
index e4cbe8eed7..f87f378d54 100755
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -913,11 +913,11 @@ sub insert
         $vars->{'message'} = 'user_match_multiple';
     }
 
-    # Flag::validate() should not detect any reference to existing
-    # flags when creating a new attachment. Setting the third param
-    # to -1 will force this function to check this point.
+    # FlagType::validate() and Flag::validate() should not detect
+    # any reference to existing flags when creating a new attachment.
+    # Setting the third param to -1 will force this function to check this point.
     Bugzilla::Flag::validate($cgi, $bugid, -1);
-    Bugzilla::FlagType::validate($cgi, $bugid);
+    Bugzilla::FlagType::validate($cgi, $bugid, -1);
 
     # Escape characters in strings that will be used in SQL statements.
     my $sql_filename = SqlQuote($filename);
-- 
2.47.3