diff options
author | Byron Jones <glob@glob.com.au> | 2010-11-03 00:18:33 +0100 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2010-11-03 00:18:33 +0100 |
commit | 3f3cc3c9ac50a9e43fc98dfd84c675ba22ada22b (patch) | |
tree | f9d640c64d83213421689adac4942606899e0a09 /Bugzilla/CGI.pm | |
parent | Bug 419014: (CVE-2010-3764) [SECURITY] Old charts are not project specific, a... (diff) | |
download | bugzilla-3f3cc3c9ac50a9e43fc98dfd84c675ba22ada22b.tar.gz bugzilla-3f3cc3c9ac50a9e43fc98dfd84c675ba22ada22b.tar.bz2 bugzilla-3f3cc3c9ac50a9e43fc98dfd84c675ba22ada22b.zip |
Bug 600464: (CVE-2010-3172) [SECURITY] Content/Header injection due to non-random multipart/x-mixed-replace boundary
r=mkanat a=LpSolit
Diffstat (limited to 'Bugzilla/CGI.pm')
-rw-r--r-- | Bugzilla/CGI.pm | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/Bugzilla/CGI.pm b/Bugzilla/CGI.pm index a9b938c6d..8ec3ac28e 100644 --- a/Bugzilla/CGI.pm +++ b/Bugzilla/CGI.pm @@ -213,7 +213,8 @@ sub multipart_init { } # Set the MIME boundary and content-type - my $boundary = $param{'-boundary'} || '------- =_aaaaaaaaaa0'; + my $boundary = $param{'-boundary'} + || '------- =_' . generate_random_password(16); delete $param{'-boundary'}; $self->{'separator'} = "\r\n--$boundary\r\n"; $self->{'final_separator'} = "\r\n--$boundary--\r\n"; |