
[Gforge-commits] gforge/common/frs FRSFile.class,1.11,1.12


From: mpeltier
Subject: [Gforge-commits] gforge/common/frs FRSFile.class,1.11,1.12
Date: Sat, 11 Dec 2004 18:08:12 -0600

Update of /cvsroot/gforge/gforge/common/frs
In directory db.perdue.net:/tmp/cvs-serv12916/common/frs

Modified Files:
        FRSFile.class 
Log Message:
Hopefully fixed the security problem introduced by my last commit (reported by Tim):
check that the new package and release ids are valid and belong to the
same project before doing the update.


Index: FRSFile.class
===================================================================
RCS file: /cvsroot/gforge/gforge/common/frs/FRSFile.class,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -d -r1.11 -r1.12
--- FRSFile.class       10 Dec 2004 00:22:40 -0000      1.11
+++ FRSFile.class       12 Dec 2004 00:08:09 -0000      1.12
@@ -321,10 +321,11 @@
         *      @param  int     The type_id of this file from the 
frs-file-types table.
         *      @param  int     The processor_id of this file from the 
frs-processor-types table.
         *      @param  int     The release_date of this file in unix time 
(seconds).
+        *      @param  int     The package_id of the package the release of 
this file belongs to.
         *      @param  int     The release_id of the release this file belongs 
to.
         *      @return boolean success.
         */
-       function update($type_id,$processor_id,$release_time,$release_id) {
+       function 
update($type_id,$processor_id,$release_time,$package_id,$release_id) {
                $perm =& $this->FRSRelease->FRSPackage->Group->getPermission( 
session_get_user() );
 
                if (!$perm || !is_object($perm) || 
!$perm->isReleaseTechnician()) {
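Review bot: Inserting `$package_id` before `$release_id` in the `update()` signature changes the meaning of the fourth positional argument, so a caller that still passes four arguments would have its release id treated as a package id. Only FRSFile.class is listed under Modified Files, so the call sites are not visible here and should be confirmed as updated together with this change. The new docblock line could also state the constraint the commit enforces, e.g. `@param int The package_id of the target package; must belong to this file's group.` The body of update() continues outside this hunk.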
@@ -332,6 +333,22 @@
                        return false;
                }
 
+               // Does the new package id value really correspond to a package 
of this group?
+               $frsp = new 
FRSPackage($this->FRSRelease->FRSPackage->Group,$package_id);
+               if (!$frsp || !is_object($frsp)) {
+                       exit_error('Error','Could Not Get New FRSPackage');
+               } elseif ($frsp->isError()) {
+                       exit_error('Error',$frsp->getErrorMessage());
+               }
+
+               // Does the new release id value really correspond to a release 
of the new package?
+               $frsr = new FRSRelease($frsp,$release_id);
+               if (!$frsr || !is_object($frsr)) {
+                       exit_error('Error','Could Not Get New FRSRelease');
+               } elseif ($frsr->isError()) {
+                       exit_error('Error',$frsr->getErrorMessage());
+               }
+
                $res=db_query("UPDATE frs_file SET
                        type_id='$type_id',
                        processor_id='$processor_id',
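Review bot: The two new ownership checks end the request with `exit_error()`, while the failure path just above returns `false` and the docblock promises `@return boolean success`, so callers of this common/ class cannot handle the rejection themselves. Consider `$this->setError($frsp->getErrorMessage()); return false;` (and the same for `$frsr`), assuming FRSFile shares the error API of the objects checked here. The check is only as strong as the FRSPackage and FRSRelease constructors, which are not shown: it holds only if they report an error when the id does not belong to the given group or package, and that is worth confirming. Because `$package_id` and `$release_id` come from the caller and the UPDATE below interpolates values into the SQL string, casting both with `(int)` before use would be a cheap extra guard. The UPDATE statement continues outside this hunk.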
@@ -345,9 +362,7 @@
                }
 
                return true;
-
        }
-
 }
 
 ?>




