diff options
| author | lpsolit%gmail.com <> | 2007-11-05 02:43:58 +0100 |
|---|---|---|
| committer | lpsolit%gmail.com <> | 2007-11-05 02:43:58 +0100 |
| commit | f1dc414f91dd77d3141ba0a46b41e5620e76e438 (patch) | |
| tree | 217e5182bfa7cb9bf620c662d7a0bed6ec17c1f1 | |
| parent | 7d90e43e9879be068e563567995ffe2b5066bd61 (diff) | |
| download | bugzilla-f1dc414f91dd77d3141ba0a46b41e5620e76e438.tar.gz bugzilla-f1dc414f91dd77d3141ba0a46b41e5620e76e438.tar.xz | |
Bug 402438: Invalid deadlines can be set by unauthorized users - Patch by Frédéric Buclin <LpSolit@gmail.com> r/a=mkanat
| -rwxr-xr-x | Bugzilla/Bug.pm | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm index 7ffc3b52e..7a4c02e89 100755 --- a/Bugzilla/Bug.pm +++ b/Bugzilla/Bug.pm @@ -946,7 +946,8 @@ sub _check_deadline { # Check time-tracking permissions. my $tt_group = Bugzilla->params->{"timetrackinggroup"}; - my $current = ref $invocant ? $invocant->deadline : undef; + # deadline() returns '' instead of undef if no deadline is set. + my $current = ref $invocant ? ($invocant->deadline || undef) : undef; return $current unless $tt_group && Bugzilla->user->in_group($tt_group); # Validate entered deadline |