- protect against too large bug numbers (causes pg errors)
- don't access @patch.patch_id@ for displayed_object_id, if it does
  not exist (view mode)
- don't perform message key substitution in user contributed bug description
- add csrf protection for search
gustafn committed May 25, 2016
1 parent bea6157 commit aee43e5
Showing 5 changed files with 19 additions and 13 deletions.
3 changes: 2 additions & 1 deletion lib/nav-bar.adp
Expand Up @@ -10,7 +10,8 @@
<form action="@form_search_url@" method="get" name="search">
<input name="q" type="text" size="15" class="bt_navbar" value="#bug-tracker.Search#"
onFocus="javascript:this.value='';">
<input name="search_package_id" type="hidden" value="@package_id@">
<input name="search_package_id" type="hidden" value="@package_id@">
<if @::__csrf_token@ defined><input type="hidden" name="__csrf_token" value="@::__csrf_token;literal@"></if>
<input type="submit" value="#bug-tracker.Search#" class="bt_navbar_btn">
</form>
</if>
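Review bot: The `__csrf_token` emitted on the added line sits inside a `method="get"` form, so the token will travel in the query string and leak through the Referer header, browser history and access logs — exactly the places an anti-CSRF secret should not end up. Search is a read-only operation, so the simplest fix is to not require the token for it at all; if the search handler (not in this commit) insists on one, switch the form to `method="post"` rather than shipping the token in the URL. The `;literal` on the value is acceptable only because the token is generated server-side; a short HTML comment stating that, e.g. `<!-- token is server-generated, hence ;literal -->`, would keep a later editor from copying the pattern for user-supplied values. The enclosing `<if>` block opens before this hunk.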
4 changes: 2 additions & 2 deletions lib/one-bug.adp
Expand Up @@ -9,12 +9,12 @@
@param style string (either "feed" or "display" -- default is display)
@param base_url url to the package (ok for this to be empty if in the package, trailing / expected)
</contract>
<h1>Bug @bug.bug_number_display@ - @bug.summary@ [@bug.component_name@]</h1>
<h1>Bug @bug.bug_number_display@ - @bug.summary;noi18n@ [@bug.component_name@]</h1>
<p>State: @bug.pretty_state@</p>
<if @bug.found_in_version_name@ not nil><p>Found in version: @bug.found_in_version_name@</p></if>
<if @bug.fix_for_version_name@ not nil><p>Fix for version: @bug.fix_for_version_name@</p></if>
<if @bug.fixed_in_version_name@ not nil><p>Fixed in version: @bug.fixed_in_version_name@</p></if>

<multiple name="roles"><p>@roles.role_pretty@: <a href="@roles.user_url@">@roles.user_name@</a></p></multiple>

@comments;noquote@
@comments;literal@
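Review bot: `@roles.user_name@` on the roles line still goes through message-key substitution, while the hunk only switched `@bug.summary@` to `;noi18n` — a user-chosen display name containing `#package.key#` would be rewritten the same way the summary was; the same flag belongs there: `<a href="@roles.user_url@">@roles.user_name;noi18n@</a>`. The replacement of `@comments;noquote@` by `@comments;literal@` disables both message-key substitution and HTML quoting, so the safety of that line now rests entirely on the code that assembles `comments` (outside this file) having escaped user input before it gets here; a one-line comment above it recording that invariant ("comments is pre-rendered, already-escaped HTML") would make the dependency visible to the next maintainer. Whether that escaping actually happens cannot be confirmed from this diff.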
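--- a/www/bug.tcl
+++ b/www/bug.tcl
@@ -14,6 +14,11 @@ ad_page_contract {
 ad_complain "invalid value for show_patch_status"
 }
 }
+check_bug_number -requires bug_number:integer {
+if {$bug_number > 2**31} {
+ad_complain "invalid bug number"
+}
+}
 }
 
 #####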
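Review bot: The bound in the new `check_bug_number` filter is off by one: PostgreSQL's int4 maximum is 2147483647, so a `bug_number` of exactly 2**31 (2147483648) passes the `>` test and still triggers the database error this commit is meant to prevent. The `:integer` filter also admits arbitrarily large negative values, which the same comparison does not catch; `if {$bug_number > 2147483647 || $bug_number < 1} {` covers both, the lower bound on the assumption that bug numbers are assigned from 1 upward — confirm against where they are allocated. The enclosing `ad_page_contract` block begins before this hunk.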
2 changes: 1 addition & 1 deletion www/patch.adp
@@ -1,7 +1,7 @@
<master src="../lib/master">
<property name="doc(title)">@page_title;literal@</property>
<property name="context">@context;literal@</property>
<property name="displayed_object_id">@patch.patch_id;literal@</property>
<if @patch.patch_id@ defined><property name="displayed_object_id">@patch.patch_id;literal@</property></if>

<formtemplate id="patch"></formtemplate>

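Review bot: The added `<if @patch.patch_id@ defined>` guard carries no explanation in the template; the commit message says the element is missing in view mode, but a reader of patch.adp cannot see when that happens or that `displayed_object_id` is deliberately left unset in that case. A short comment above the line recording which modes of patch.tcl populate `patch.patch_id`, and that no displayed_object_id is set otherwise, would capture that — write it after confirming the populating modes in patch.tcl, since they are not visible here.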
18 changes: 9 additions & 9 deletions www/patch.tcl
Expand Up @@ -6,7 +6,7 @@ ad_page_contract {
@cvs-id $Id$
} {
patch_number:integer,notnull
mode:optional
mode:word,optional
cancel_edit:optional
edit:optional
accept:optional
Expand Down Expand Up @@ -40,7 +40,7 @@ set patch_status [db_string patch_status {}]
set versions_p [bug_tracker::versions_p]

# Abort editing and return to view mode if the user hit cancel on the edit form
if { ([info exists cancel_edit] && $cancel_edit ne "") } {
if { [info exists cancel_edit] && $cancel_edit ne "" } {
ad_returnredirect $view_patch_url
ad_script_abort
}
Expand All @@ -58,17 +58,17 @@ if { ([info exists download] && $download ne "") } {
# Initialize the page mode variable
# We are in view mode per default
if { ![info exists mode] } {
if { ([info exists edit] && $edit ne "") } {
if { [info exists edit] && $edit ne "" } {
set mode edit
} elseif { ([info exists accept] && $accept ne "") } {
} elseif { [info exists accept] && $accept ne "" } {
set mode accept
} elseif { ([info exists refuse] && $refuse ne "") } {
} elseif { [info exists refuse] && $refuse ne "" } {
set mode refuse
} elseif { ([info exists delete] && $delete ne "") } {
} elseif { [info exists delete] && $delete ne "" } {
set mode delete
} elseif { ([info exists reopen] && $reopen ne "") } {
} elseif { [info exists reopen] && $reopen ne "" } {
set mode reopen
} elseif { ([info exists comment] && $comment ne "") } {
} elseif { [info exists comment] && $comment ne "" } {
set mode comment
} else {
set mode view
Expand Down Expand Up @@ -416,7 +416,7 @@ if { [form is_request patch] } {
}
}

if { [form is_valid patch] } {
if { [form is_valid patch] && $mode ne "view"} {
# A valid submit of the form

set update_exprs [list]
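Review bot: `mode:word,optional` in the first hunk still lets any single word reach the mode dispatch, although only view, edit, accept, refuse, delete, reopen and comment are meaningful further down; ad_page_contract's `oneof` filter pins it exactly: `mode:oneof(view|edit|accept|refuse|delete|reopen|comment),optional`. With that in place the new `$mode ne "view"` guard in the last hunk compares against a known mode rather than arbitrary client input, and an unexpected value is rejected at the contract instead of silently falling through the `if`/`elseif` chain. Both the `ad_page_contract` block and the mode-initialisation block extend beyond their hunks.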
