aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorHugo Seabrook <hugo.seabrook@gmail.com>2013-02-16 23:23:14 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2013-02-16 23:23:14 +0100
commit81c26ce64c05a0c4a7b800f5212412e96fb2e4cc (patch)
tree471a9151d25791fc3930f8eabcff5b204f824fbc /Bugzilla
parentBug 840824: It is possible to create a new bug with a non active target miles... (diff)
downloadbugzilla-81c26ce64c05a0c4a7b800f5212412e96fb2e4cc.tar.gz
bugzilla-81c26ce64c05a0c4a7b800f5212412e96fb2e4cc.tar.bz2
bugzilla-81c26ce64c05a0c4a7b800f5212412e96fb2e4cc.zip
Bug 825758: Most Bugzilla::BugUrl::* modules incorrectly validate the domain name
r/a=LpSolit
Diffstat (limited to 'Bugzilla')
-rw-r--r--Bugzilla/BugUrl/Debian.pm2
-rw-r--r--Bugzilla/BugUrl/GitHub.pm2
-rw-r--r--Bugzilla/BugUrl/Google.pm2
-rw-r--r--Bugzilla/BugUrl/Launchpad.pm2
-rw-r--r--Bugzilla/BugUrl/SourceForge.pm2
5 files changed, 5 insertions, 5 deletions
diff --git a/Bugzilla/BugUrl/Debian.pm b/Bugzilla/BugUrl/Debian.pm
index 78397bdd9..cce4c25fd 100644
--- a/Bugzilla/BugUrl/Debian.pm
+++ b/Bugzilla/BugUrl/Debian.pm
@@ -19,7 +19,7 @@ sub should_handle {
# Debian BTS URLs can look like various things:
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1234
# http://bugs.debian.org/1234
- return ($uri->authority =~ /^bugs.debian.org$/i
+ return (lc($uri->authority) eq 'bugs.debian.org'
and (($uri->path =~ /bugreport\.cgi$/
and $uri->query_param('bug') =~ m|^\d+$|)
or $uri->path =~ m|^/\d+$|)) ? 1 : 0;
diff --git a/Bugzilla/BugUrl/GitHub.pm b/Bugzilla/BugUrl/GitHub.pm
index 63be65bed..eeffa2ed6 100644
--- a/Bugzilla/BugUrl/GitHub.pm
+++ b/Bugzilla/BugUrl/GitHub.pm
@@ -18,7 +18,7 @@ sub should_handle {
# GitHub issue URLs have only one form:
# https://github.com/USER_OR_TEAM_OR_ORGANIZATION_NAME/REPOSITORY_NAME/issues/111
- return ($uri->authority =~ /^github.com$/i
+ return (lc($uri->authority) eq 'github.com'
and $uri->path =~ m|^/[^/]+/[^/]+/issues/\d+$|) ? 1 : 0;
}
diff --git a/Bugzilla/BugUrl/Google.pm b/Bugzilla/BugUrl/Google.pm
index 8b8638c7a..9c49f0dcc 100644
--- a/Bugzilla/BugUrl/Google.pm
+++ b/Bugzilla/BugUrl/Google.pm
@@ -18,7 +18,7 @@ sub should_handle {
# Google Code URLs only have one form:
# http(s)://code.google.com/p/PROJECT_NAME/issues/detail?id=1234
- return ($uri->authority =~ /^code.google.com$/i
+ return (lc($uri->authority) eq 'code.google.com'
and $uri->path =~ m|^/p/[^/]+/issues/detail$|
and $uri->query_param('id') =~ /^\d+$/) ? 1 : 0;
}
diff --git a/Bugzilla/BugUrl/Launchpad.pm b/Bugzilla/BugUrl/Launchpad.pm
index 87fb71a5d..2ae2c383d 100644
--- a/Bugzilla/BugUrl/Launchpad.pm
+++ b/Bugzilla/BugUrl/Launchpad.pm
@@ -20,7 +20,7 @@ sub should_handle {
# https://bugs.launchpad.net/ubuntu/+bug/1234
# https://launchpad.net/bugs/1234
# All variations end with either "/bugs/1234" or "/+bug/1234"
- return ($uri->authority =~ /launchpad.net$/
+ return ($uri->authority =~ /launchpad\.net$/
and $uri->path =~ m|bugs?/\d+$|) ? 1 : 0;
}
diff --git a/Bugzilla/BugUrl/SourceForge.pm b/Bugzilla/BugUrl/SourceForge.pm
index 11cdd0ff1..fcc720049 100644
--- a/Bugzilla/BugUrl/SourceForge.pm
+++ b/Bugzilla/BugUrl/SourceForge.pm
@@ -18,7 +18,7 @@ sub should_handle {
# SourceForge tracker URLs have only one form:
# http://sourceforge.net/tracker/?func=detail&aid=111&group_id=111&atid=111
- return ($uri->authority =~ /^sourceforge.net$/i
+ return (lc($uri->authority) eq 'sourceforge.net'
and $uri->path =~ m|/tracker/|
and $uri->query_param('func') eq 'detail'
and $uri->query_param('aid')