[mantis] Fix broken patch

Gianluca Sforna giallu at fedoraproject.org
Fri Mar 22 14:50:40 UTC 2013 

commit 4198d2111b81e0866dc42f5c81f705cb3ea96151
Author: Gianluca Sforna <giallu at gmail.com>
Date:   Fri Mar 22 15:50:20 2013 +0100

    Fix broken patch

 mantis-1.2.14-fix-CVE-2013-1883.patch |   67 ++++++++++++++------------------
 mantis.spec                           |    2 +-
 2 files changed, 30 insertions(+), 39 deletions(-)
---
diff --git a/mantis-1.2.14-fix-CVE-2013-1883.patch b/mantis-1.2.14-fix-CVE-2013-1883.patch
index c380cee..12e0d91 100644
--- a/mantis-1.2.14-fix-CVE-2013-1883.patch
+++ b/mantis-1.2.14-fix-CVE-2013-1883.patch
@@ -1,47 +1,38 @@
+commit d16988c3ca232a751c91702eb0331f929f56858c
+Author: Damien Regad <damien.regad at merckgroup.com>
+Date:   Mon Mar 18 23:36:28 2013 +0100
+
+    Fix filter api issue with 'any condition' and text search
+    
+    A filter combining some criteria and a text search with 'any condition'
+    results in a cartesian product, which has the potential to bring down
+    the site as the RDBMS eats up all available resources.
+    
+    The root cause of this behavior is joining the bug_text table with a
+    from clause and setting the join's criteria in the query's where clause,
+    without taking consideration the operator's precedence (AND/OR).
+    
+    This commit resolves the problem by using a JOIN clause instead, which
+    makes the query cleaner.
+    
+    Fixes #15573
+
 diff --git a/core/filter_api.php b/core/filter_api.php
-index a52598c..68911e9 100644
+index 55edd46..a52598c 100644
 --- a/core/filter_api.php
 +++ b/core/filter_api.php
-@@ -1092,7 +1092,6 @@ function filter_get_bug_rows( &$p_page_number, &$p_per_page, &$p_page_count, &$p
+@@ -1995,11 +1995,10 @@ function filter_get_bug_rows( &$p_page_number, &$p_per_page, &$p_page_count, &$p
  
- 	$t_project_where_clauses =  array(
- 		"$t_project_table.enabled = " . db_param(),
--		"$t_project_table.id = $t_bug_table.project_id",
- 	);
- 	$t_where_params = array(
- 		1,
-@@ -1101,8 +1100,13 @@ function filter_get_bug_rows( &$p_page_number, &$p_per_page, &$p_page_count, &$p
- 		"$t_bug_table.*",
- 	);
- 
--	$t_join_clauses = array();
--	$t_from_clauses = array();
-+	$t_from_clauses = array(
-+		$t_bug_table,
-+	);
-+
-+	$t_join_clauses = array(
-+		"JOIN $t_project_table ON $t_project_table.id = $t_bug_table.project_id",
-+	);
- 
- 	// normalize the project filtering into an array $t_project_ids
- 	if( 'simple' == $t_view_type ) {
-@@ -1997,7 +2001,7 @@ function filter_get_bug_rows( &$p_page_number, &$p_per_page, &$p_page_count, &$p
+ 		# add text query elements to arrays
  		if ( !$t_first ) {
- 			$t_join_clauses[] = "JOIN $t_bug_text_table ON $t_bug_table.bug_text_id = $t_bug_text_table.id";
- 			$t_join_clauses[] = "LEFT JOIN $t_bugnote_table ON $t_bug_table.id = $t_bugnote_table.bug_id";
--			$t_join_clauses[] = "LEFT JOIN $t_bugnote_text_table ON $t_bugnote_table.bugnote_text_id = $t_bugnote_text_table.id";
-+			$t_join_clauses[] = "JOIN $t_bugnote_text_table ON $t_bugnote_table.bugnote_text_id = $t_bugnote_text_table.id";
+-			$t_from_clauses[] = "$t_bug_text_table";
+-			$t_where_clauses[] = "$t_bug_table.bug_text_id = $t_bug_text_table.id";
++			$t_join_clauses[] = "JOIN $t_bug_text_table ON $t_bug_table.bug_text_id = $t_bug_text_table.id";
++			$t_join_clauses[] = "LEFT JOIN $t_bugnote_table ON $t_bug_table.id = $t_bugnote_table.bug_id";
++			$t_join_clauses[] = "LEFT JOIN $t_bugnote_text_table ON $t_bugnote_table.bugnote_text_id = $t_bugnote_text_table.id";
  			$t_where_clauses[] = $t_textsearch_where_clause;
+-			$t_join_clauses[] = " LEFT JOIN $t_bugnote_table ON $t_bug_table.id = $t_bugnote_table.bug_id";
+-			$t_join_clauses[] = " LEFT JOIN $t_bugnote_text_table ON $t_bugnote_table.bugnote_text_id = $t_bugnote_text_table.id";
  		}
  	}
-@@ -2012,9 +2016,6 @@ function filter_get_bug_rows( &$p_page_number, &$p_per_page, &$p_page_count, &$p
- 
- 	log_event(LOG_FILTERING, 'Join operator : ' . $t_join_operator);
  
--	$t_from_clauses[] = $t_project_table;
--	$t_from_clauses[] = $t_bug_table;
--
- 	$t_query_clauses['select'] = $t_select_clauses;
- 	$t_query_clauses['from'] = $t_from_clauses;
- 	$t_query_clauses['join'] = $t_join_clauses;
diff --git a/mantis.spec b/mantis.spec
index c92b07e..513f9bf 100644
--- a/mantis.spec
+++ b/mantis.spec
@@ -70,7 +70,7 @@ This package contains configuration-files for Apache httpd 2.
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
-%patch5 -p0
+%patch5 -p1
 
 cp %{SOURCE1} ./doc/README.Fedora
 rm -rf packages docbook tests

More information about the scm-commits mailing list