Closed Bug 38870 Opened 25 years ago Closed 23 years ago

Can attach to an invalid bug number

Categories

(Bugzilla :: Creating/Changing Bugs, defect, P1)

RESOLVED FIXED
Bugzilla 2.16

People

(Reporter: jruderman, Assigned: myk)

Details

i'm submitting this because "you have an error in your sql syntax" sounds like a bad (potentially security-compromising) bug, not because i expect "eliminate all sql errors in bugzilla" to happen any time soon.
    Attachment to bug 1111000 created
    Content-type: text/html
    Software error:
    select login_name from profiles where userid = : You have an error in your SQL syntax near '' at line 1 at globals.pl line 133.
    Please send mail to this site's webmaster for help.
This might be a dup of bug 38784 but the error looks different...
i stumbled onto http://bugzilla.mozilla.org/sanitycheck.cgi today and noticed the number 1111000 as one of the errors listed.
the problem is that createattachment.cgi doesn't make sure the bug exists. it seems to check to make sure the bug number is in fact a number.
see bug 40000 for an example of a result of this bug.
Doesn't mysql support referential transparency? I didn't think this should have been allowed to happen ... Bug #39557 is related.
Whiteboard: 2.14
Whiteboard: 2.14 → 2.16
moving to real milestones...
Target Milestone: --- → Bugzilla 2.16
I meant "referential integrity" above of course. Pity the answer's no.
Priority: P3 → P1
Whiteboard: 2.16
I think this one can probably be closed now... Bugzilla does check for valid bug numbers before it does anything [part of the permission checking procedure in ValidateBugID()].
Assignee: tara → myk
Component: Bugzilla → Creating/Changing Bugs
Product: Webtools → Bugzilla
Version: other → unspecified
I just tried this, and I was able to create an attachment to a nonexistent bug (filed bug #98098 for cleanup). It allows this both in that it pops up a UI, and that it does the actual attachment.
New attachment interface does not have this problem.
Depends on: 109480
Summary: sql syntax error when submitting attachment to bug 1111000 → Can attach to an invalid bug number
The old attachment interface has been removed per bug 109480. Resolving this bug fixed.
Status: NEW → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
QA Contact: matty_is_a_geek → default-qa
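The gap discussed in this bug, as an added example that is not Bugzilla's code and not part of the original thread: a handler that only checks that the bug id is a number, next to one that checks the bug exists, plus the foreign key the database could have enforced. The schema, the function names (including `validate_bug_id`, a hypothetical stand-in for an existence check) and the sample rows are assumptions, and SQLite is used in place of MySQL so the block runs offline.

```python
import re
import sqlite3

def make_db(enforce_fk):
    # Constructed schema: table/column names are assumptions, SQLite stands in for MySQL.
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = " + ("ON" if enforce_fk else "OFF"))
    db.execute("CREATE TABLE bugs (bug_id INTEGER PRIMARY KEY, summary TEXT)")
    db.execute("CREATE TABLE attachments (attach_id INTEGER PRIMARY KEY, "
               "bug_id INTEGER NOT NULL REFERENCES bugs(bug_id), filename TEXT)")
    db.execute("INSERT INTO bugs VALUES (38870, 'constructed sample bug')")
    db.commit()
    return db

def parse_bug_id(raw):
    # Syntax check only: this is all the old form is described as doing.
    if not re.fullmatch(r"[0-9]+", str(raw)):
        raise ValueError("bug id is not a number")
    return int(raw)

def attach_unchecked(db, raw_id, filename):
    # Reported behaviour: a well-formed number is accepted even if no such bug exists.
    db.execute("INSERT INTO attachments (bug_id, filename) VALUES (?, ?)",
               (parse_bug_id(raw_id), filename))

def validate_bug_id(db, raw_id):
    # Hypothetical existence check; the value is bound, never spliced into the SQL text.
    bug_id = parse_bug_id(raw_id)
    if db.execute("SELECT 1 FROM bugs WHERE bug_id = ?", (bug_id,)).fetchone() is None:
        raise LookupError("no such bug: %d" % bug_id)
    return bug_id

def attach_checked(db, raw_id, filename):
    db.execute("INSERT INTO attachments (bug_id, filename) VALUES (?, ?)",
               (validate_bug_id(db, raw_id), filename))

def orphaned_attachments(db):
    # The kind of inconsistency a sanity check would list: attachments with no parent bug.
    return [r[0] for r in db.execute(
        "SELECT a.bug_id FROM attachments a LEFT JOIN bugs b ON a.bug_id = b.bug_id WHERE b.bug_id IS NULL")]

if __name__ == "__main__":
    db = make_db(enforce_fk=False)
    attach_unchecked(db, "1111000", "constructed.html")
    print("orphans, no checks:", orphaned_attachments(db))
    try:
        attach_unchecked(make_db(enforce_fk=True), "1111000", "constructed.html")
    except sqlite3.IntegrityError as exc:
        print("foreign key refused the orphan:", exc)
```

With enforcement off, the unchecked handler leaves an attachment row pointing at a bug that does not exist; the application-level check and the foreign key each stop it independently.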