Bug 1253267: Possible DOT injection vulnerability in dependency graphs if long bug...

author Frédéric Buclin <LpSolit@gmail.com>

Tue, 15 Mar 2016 16:11:52 +0000 (17:11 +0100)

committer Frédéric Buclin <LpSolit@gmail.com>

Tue, 15 Mar 2016 16:11:52 +0000 (17:11 +0100)
author Frédéric Buclin <LpSolit@gmail.com>
Tue, 15 Mar 2016 16:11:52 +0000 (17:11 +0100)
committer Frédéric Buclin <LpSolit@gmail.com>
Tue, 15 Mar 2016 16:11:52 +0000 (17:11 +0100)
diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi

index 476df1e8eb6eb6b47549aaceeb2a04a2533235dd..6d4cb1e71bb5307070b4c51ba7051a25b5ad76df 100755 (executable)
--- a/showdependencygraph.cgi
+++ b/showdependencygraph.cgi
@@ -198,6 +198,9 @@ foreach my $k (@bug_ids) {
              utf8::encode($summary) if utf8::is_utf8($summary);
          }
          $summary =~ s/([\\\"])/\\$1/g;
+        # Newlines must be escaped too, to not break the .map file
+        # and to prevent code injection.
+        $summary =~ s/\n/\\n/g;
          push(@params, qq{label="$k\\n$summary"});
      }
author	Frédéric Buclin <LpSolit@gmail.com>
	Tue, 15 Mar 2016 16:11:52 +0000 (17:11 +0100)
committer	Frédéric Buclin <LpSolit@gmail.com>
	Tue, 15 Mar 2016 16:11:52 +0000 (17:11 +0100)