From 7ebe0a99169f2a143ccb20da5d1918a99ccaaf7d Mon Sep 17 00:00:00 2001
From: Unknwon
Date: Thu, 22 Dec 2016 19:19:56 -0500
Subject: [PATCH] Fix vulnerabilities reported in #3959
---
 README.md | 2 +-
 gogs.go | 2 +-
 models/token.go | 9 ++++++---
 routers/api/v1/user/email.go | 1 +
 routers/user/setting.go | 7 +++++--
 templates/.VERSION | 2 +-
 6 files changed, 15 insertions(+), 8 deletions(-)
diff --git a/README.md b/README.md
index f6843e1d9..dc5b2e63f 100644
--- a/README.md
+++ b/README.md
@@ -3,7 +3,7 @@ Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?bra
 ![](https://github.com/gogits/gogs/blob/master/public/img/gogs-large-resize.png?raw=true)
-##### Current tip version: 0.9.107 (see [Releases](https://github.com/gogits/gogs/releases) for binary versions ~~or submit a task on [alpha stage automated binary building system](https://build.gogs.io/)~~)
+##### Current tip version: 0.9.108 (see [Releases](https://github.com/gogits/gogs/releases) for binary versions ~~or submit a task on [alpha stage automated binary building system](https://build.gogs.io/)~~)
 | Web | UI | Preview |
 |:-------------:|:-------:|:-------:|
diff --git a/gogs.go b/gogs.go
index 71cf3455b..68d34ed5c 100644
--- a/gogs.go
+++ b/gogs.go
@@ -17,7 +17,7 @@ import (
 	"github.com/gogits/gogs/modules/setting"
 )
-const APP_VER = "0.9.107.1222"
+const APP_VER = "0.9.108.1222"
 func init() {
 	runtime.GOMAXPROCS(runtime.NumCPU())
diff --git a/models/token.go b/models/token.go
index 2c1f64ce0..85600dab0 100644
--- a/models/token.go
+++ b/models/token.go
@@ -81,8 +81,11 @@ func UpdateAccessToken(t *AccessToken) error {
 	return err
 }
-// DeleteAccessTokenByID deletes access token by given ID.
-func DeleteAccessTokenByID(id int64) error {
-	_, err := x.Id(id).Delete(new(AccessToken))
+// DeleteAccessTokenByUserID deletes access token by given ID.
+func DeleteAccessTokenByUserID(userID, id int64) error {
+	_, err := x.Delete(&AccessToken{
+		ID: id,
+		UID: userID,
+	})
 	return err
 }
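Review bot: The new DeleteAccessTokenByUserID still discards the affected-row count (`_, err := x.Delete(...)`), so a request naming a token that belongs to another user, or no token at all, deletes nothing and still returns nil, and SettingsDeleteApplication in routers/user/setting.go then flashes success. Capturing the count and returning a not-found error when it is zero (`n, err := x.Delete(&AccessToken{ID: id, UID: userID})` followed by `if err == nil && n == 0 { return <not-found error> }`) makes the ownership check observable and loggable instead of silent. If xorm omits zero-valued struct fields from the condition, as it does for bean conditions, an id of 0 — which ctx.QueryInt64("id") yields for a missing parameter — would turn this into a delete of every token the user owns, so an `if id <= 0 { return <invalid-argument error> }` guard belongs before the Delete; the same exposure applies to the DeleteEmailAddress call in routers/user/setting.go if that model function builds its condition the same way. The doc comment was renamed but still reads "deletes access token by given ID"; it should say `// DeleteAccessTokenByUserID deletes the access token with the given ID only if it belongs to userID.`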
diff --git a/routers/api/v1/user/email.go b/routers/api/v1/user/email.go
index 1f615cdff..168f383a3 100644
--- a/routers/api/v1/user/email.go
+++ b/routers/api/v1/user/email.go
@@ -69,6 +69,7 @@ func DeleteEmail(ctx *context.APIContext, form api.CreateEmailOption) {
 	emails := make([]*models.EmailAddress, len(form.Emails))
 	for i := range form.Emails {
 		emails[i] = &models.EmailAddress{
+			UID: ctx.User.ID,
 			Email: form.Emails[i],
 		}
 	}
diff --git a/routers/user/setting.go b/routers/user/setting.go
index 35bff3263..9d09646cf 100644
--- a/routers/user/setting.go
+++ b/routers/user/setting.go
@@ -280,7 +280,10 @@ func SettingsEmailPost(ctx *context.Context, form auth.AddEmailForm) {
 }
 func DeleteEmail(ctx *context.Context) {
-	if err := models.DeleteEmailAddress(&models.EmailAddress{ID: ctx.QueryInt64("id")}); err != nil {
+	if err := models.DeleteEmailAddress(&models.EmailAddress{
+		ID: ctx.QueryInt64("id"),
+		UID: ctx.User.ID,
+	}); err != nil {
 		ctx.Handle(500, "DeleteEmail", err)
 		return
 	}
@@ -409,7 +412,7 @@ func SettingsApplicationsPost(ctx *context.Context, form auth.NewAccessTokenForm
 }
 func SettingsDeleteApplication(ctx *context.Context) {
-	if err := models.DeleteAccessTokenByID(ctx.QueryInt64("id")); err != nil {
+	if err := models.DeleteAccessTokenByUserID(ctx.User.ID, ctx.QueryInt64("id")); err != nil {
 		ctx.Flash.Error("DeleteAccessTokenByID: " + err.Error())
 	} else {
 		ctx.Flash.Success(ctx.Tr("settings.delete_token_success"))
diff --git a/templates/.VERSION b/templates/.VERSION
index 1da1fccc4..b946e8e6f 100644
--- a/templates/.VERSION
+++ b/templates/.VERSION
@@ -1 +1 @@
-0.9.107.1222
\ No newline at end of file
+0.9.108.1222
\ No newline at end of file
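Review bot: The added `UID: ctx.User.ID` field in the API DeleteEmail only scopes the deletion if the model function that later consumes `emails` (outside this hunk — DeleteEmail continues past its last line) uses UID as a query condition alongside Email; nothing in the hunk shows that, so it should be confirmed rather than assumed. A why-comment on the added line would keep the next maintainer from dropping it as redundant: `UID: ctx.User.ID, // restrict deletion to the caller's own addresses`. The same comment fits the UID field added to DeleteEmail in routers/user/setting.go.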
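Review bot: The flash message in SettingsDeleteApplication still names the old function: the call was changed to DeleteAccessTokenByUserID but the error text remains `"DeleteAccessTokenByID: "`, which will mislead anyone matching the UI message or logs against the failing call. Change it to `ctx.Flash.Error("DeleteAccessTokenByUserID: " + err.Error())`. The function body continues outside the hunk.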