MantisBT: master a908cc61

Author Committer Branch Timestamp Parent
Paul Richards Paul Richards master 2011-08-29 05:43 master 224b0f8b
Affected Issues  0013281: MantisBT Security Vulnerabilities Notification
Changeset

Rework the bug action group api such that we can easily convert this to an object in the future, and to validate calls to require once.

This leads to a security issue identified by IBM's Appscan program, whereby calls to require_once are not validated.
Depending on webserver configuration, this is a file inclusion vulnerability.

There will be a follow up commit to config api - probably:

  • if( $g_project_override != null ) {
  • if( $g_project_override != null && $p_project == null ) {

At the moment, the action group API calls config_get with a project parameter to use. This is ignored, due to project_override being set - so we either need to:
a) change project override within the command list function
b) modifify config api to only use the project override if it is attempting to look up information on the default project.

mod - bug_actiongroup_add_note_inc.php Diff File
mod - bug_actiongroup_attach_tags_inc.php Diff File
mod - bug_actiongroup_ext.php Diff File
mod - bug_actiongroup_ext_page.php Diff File
mod - bug_actiongroup_page.php Diff File
mod - bug_actiongroup_update_product_build_inc.php Diff File
mod - bug_actiongroup_update_severity_inc.php Diff File
mod - core/bug_group_action_api.php Diff File