diff options
| author | Denys Vlasenko <vda.linux@googlemail.com> | 2010-01-21 02:56:53 +0100 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2010-01-21 02:56:53 +0100 |
| commit | 6443695f275167adb123070daf2a6b6ecc0bb371 (patch) | |
| tree | e55e9cb7795f3a5fb239793eab60f2320fe11cbc /lib/Plugins/Bugzilla.cpp | |
| parent | f1322558475277ffed7a9c61f4b9478b4dd1d46c (diff) | |
| download | abrt-6443695f275167adb123070daf2a6b6ecc0bb371.tar.gz abrt-6443695f275167adb123070daf2a6b6ecc0bb371.tar.xz abrt-6443695f275167adb123070daf2a6b6ecc0bb371.zip | |
abrtd: fix Report() dbus call gaping security holes
We were blindly trusting the values passed to us
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'lib/Plugins/Bugzilla.cpp')
| -rw-r--r-- | lib/Plugins/Bugzilla.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/Plugins/Bugzilla.cpp b/lib/Plugins/Bugzilla.cpp index aafa0198..f0e366b2 100644 --- a/lib/Plugins/Bugzilla.cpp +++ b/lib/Plugins/Bugzilla.cpp @@ -287,7 +287,7 @@ uint32_t ctx::new_bug(const map_crash_data_t& pCrashData) const std::string& component = get_crash_data_item_content(pCrashData, FILENAME_COMPONENT); const std::string& release = get_crash_data_item_content(pCrashData, FILENAME_RELEASE); const std::string& arch = get_crash_data_item_content(pCrashData, FILENAME_ARCHITECTURE); - const std::string& uuid = get_crash_data_item_content(pCrashData, CD_UUID); + const std::string& uuid = get_crash_data_item_content(pCrashData, CD_DUPHASH); std::string summary = "[abrt] crash in " + package; std::string status_whiteboard = "abrt_hash:" + uuid; @@ -434,7 +434,7 @@ std::string CReporterBugzilla::Report(const map_crash_data_t& pCrashData, } const std::string& component = get_crash_data_item_content(pCrashData, FILENAME_COMPONENT); - const std::string& uuid = get_crash_data_item_content(pCrashData, CD_UUID); + const std::string& uuid = get_crash_data_item_content(pCrashData, CD_DUPHASH); try { ctx bz_server(BugzillaXMLRPC.c_str(), NoSSLVerify); |