[Koha-bugs] [Bug 24788] Koha::Object->store calls column names as methods, relying on AUTOLOAD, with possibly surprising results
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Mar 6 11:12:46 CET 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24788
Marcel de Rooy <m.de.rooy at rijksmuseum.nl> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #100064|0 |1
is obsolete| |
--- Comment #5 from Marcel de Rooy <m.de.rooy at rijksmuseum.nl> ---
Created attachment 100228
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=100228&action=edit
Bug 24788: Remove autoloaded column accessors in Koha::Object->store
Columns are accessed as methods, relying on AUTOLOAD, in
Koha::Object->store. This has security implications and could also be a
source of strange bugs.
To test:
1) Apply patches for Bug 14957
2) Follow the testing instructions, when saving a new marc rule and
error is thrown.
3) Apply patch
4) Try saving a new rule once again, this should now work
Signed-off-by: David Nind <david at davidnind.com>
Signed-off-by: Marcel de Rooy <m.de.rooy at rijksmuseum.nl>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list