diff options
author | terry%mozilla.org <> | 2000-03-08 03:22:41 +0100 |
---|---|---|
committer | terry%mozilla.org <> | 2000-03-08 03:22:41 +0100 |
commit | d38fe0e5cab4a7efaba8a79a22a85b0e67817441 (patch) | |
tree | d090c36e14e128eb6c65e3b4d5d576ba78647650 /createattachment.cgi | |
parent | 77f66018f328fe5321fa95d76515a187231ad1f0 (diff) | |
download | bugzilla-d38fe0e5cab4a7efaba8a79a22a85b0e67817441.tar.gz bugzilla-d38fe0e5cab4a7efaba8a79a22a85b0e67817441.tar.xz |
Patch by Brian Duggan <bduggan@oven.com> -- security improvements.
Diffstat (limited to 'createattachment.cgi')
-rwxr-xr-x | createattachment.cgi | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/createattachment.cgi b/createattachment.cgi index 1eaf9b1ea..fa370d710 100755 --- a/createattachment.cgi +++ b/createattachment.cgi @@ -41,6 +41,7 @@ confirm_login(); print "Content-type: text/html\n\n"; my $id = $::FORM{'id'}; +die "invalid id: $id" unless $id=~/^\s*\d+\s*$/; PutHeader("Create an attachment", "Create attachment", "Bug $id"); |