summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlpsolit%gmail.com <>2006-02-21 08:32:08 +0100
committerlpsolit%gmail.com <>2006-02-21 08:32:08 +0100
commit39e8d6dc7a8371433d8260b86ebc12396da1de7a (patch)
tree2d657fba0d4876115cd763c9e79cc6a1f339cd08
parentd95cd6e4e888fe3daacf7d2f5ca688018ae19a00 (diff)
downloadbugzilla-39e8d6dc7a8371433d8260b86ebc12396da1de7a.tar.gz
bugzilla-39e8d6dc7a8371433d8260b86ebc12396da1de7a.tar.xz
[SECURITY] editparams.cgi doesn't check whether 'whinedays' and 'mostfreqthreshold' are numeric - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wicked a=justdave
-rw-r--r--Bugzilla/Config/MTA.pm3
-rw-r--r--Bugzilla/Config/Query.pm3
2 files changed, 4 insertions, 2 deletions
diff --git a/Bugzilla/Config/MTA.pm b/Bugzilla/Config/MTA.pm
index 61569e2d3..50aa8c85d 100644
--- a/Bugzilla/Config/MTA.pm
+++ b/Bugzilla/Config/MTA.pm
@@ -104,7 +104,8 @@ Configure bugmail: %urlbase%userprefs.cgi?tab=email
{
name => 'whinedays',
type => 't',
- default => 7
+ default => 7,
+ checker => \&check_numeric
},
{
diff --git a/Bugzilla/Config/Query.pm b/Bugzilla/Config/Query.pm
index b86339fc9..e3996a0ee 100644
--- a/Bugzilla/Config/Query.pm
+++ b/Bugzilla/Config/Query.pm
@@ -51,7 +51,8 @@ sub get_param_list {
{
name => 'mostfreqthreshold',
type => 't',
- default => '2'
+ default => '2',
+ checker => \&check_numeric
},
{