Item9341: validate tainted group name

git-svn-id: http://svn.foswiki.org/trunk@8206 0b4bb1d4-4e5a-0410-9cc4-b2b747904278
foswiki · Jul 16, 2010 · 0a5e048 · 0a5e048
1 parent 978f30d
commit 0a5e048
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/TopicUserMappingContrib/data/System/DefaultUserRegistration.txt b/TopicUserMappingContrib/data/System/DefaultUserRegistration.txt
@@ -57,8 +57,8 @@ Other sections define the fields and extra info text.
 <input type="hidden" name="action" value="register" />
 </form>
 </div>
-%ADDTOHEAD{"UserRegistrationStyle"
-text="<style type=\"text/css\" media=\"all\">
+%ADDTOZONE{"head" tag="UserRegistrationStyle"
+text="<style type='text/css' media='all'>
 .registration .foswikiFormSteps {
 	margin:.5em 0 1em 0;
 }
@@ -128,7 +128,7 @@ text="<style type=\"text/css\" media=\"all\">
 	color:#f00;
 }
 </style>
-<script type=\"text/javascript\" src=\"%PUBURL%/%SYSTEMWEB%/JavascriptFiles/foswikiString.js\"></script>"
+<script type='text/javascript' src='%PUBURL%/%SYSTEMWEB%/JavascriptFiles/foswikiString.js'></script>"
 }%%ENDSECTION{"form"}%
 
 

diff --git a/TopicUserMappingContrib/lib/Foswiki/Users/TopicUserMapping.pm b/TopicUserMappingContrib/lib/Foswiki/Users/TopicUserMapping.pm
@@ -595,6 +595,11 @@ sub eachGroupMember {
     my $this  = shift;
     my $group = shift;
 
+    if (Scalar::Util::tainted($group)) {
+        $group = Foswiki::Sandbox::untaint(
+            $group, \&Foswiki::Sandbox::validateTopicName);
+    }
+
     return new Foswiki::ListIterator( $this->{eachGroupMember}->{$group} )
       if ( defined( $this->{eachGroupMember}->{$group} ) );