[PATCH] Deny access to nonexistent tickets instead of throwing an exception

[Anders Kaseorg]

The SensitiveTickets plugin throws an “Invalid Ticket Number” exception not only when displaying nonexistent tickets, but also when displaying tickets that accidentally link to nonexistent tickets, e.g. because someone happened to write #999999 in a comment. Please apply the attached patch.

[Anders Kaseorg]

Your Trac seems to discard the commit message from the patch, so I’ll reproduce it below in case you want to use it:

Deny access to nonexistent tickets instead of throwing an exception.

Previously, the SensitiveTickets plugin threw an “Invalid Ticket
Number” exception not only when displaying nonexistent tickets, but
also when displaying tickets that accidentally link to nonexistent
tickets, e.g. because someone happened to write #999999 in a comment.
Fix this by properly denying access to nonexistent tickets.

(Allowing access to nonexistent tickets would lead to a dangerous race
condition when an attacker views a sensitive ticket just as it’s being
created.)

Signed-off-by: Anders Kaseorg <andersk@mit.edu>

[Anders Kaseorg]

There’s some discussion about an alternative patch for the same problem on #5308. My patch is better because it isn’t vulnerable to the race condition (see #5308 for details), so I closed it as duplicate.

[obs]

(In [8233]) Deny access to nonexistent tickets instead of throwing an exception.

Thanks to Anders Kaseorg <andersk@mit.edu> for providing a patch

Fixes #7082