diff options
| author | Frédéric Buclin <LpSolit@gmail.com> | 2012-05-21 20:07:33 +0200 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-05-21 20:07:33 +0200 |
| commit | fc9858fed697d00fb921dd86448dad0ef70552a6 (patch) | |
| tree | 0ea0fcc2484767562729c45278dc96241f59d67c /editflagtypes.cgi | |
| parent | 5ec002f8c6aaf5dba9039ac8ae5898b07af4afee (diff) | |
| download | bugzilla-fc9858fed697d00fb921dd86448dad0ef70552a6.tar.gz bugzilla-fc9858fed697d00fb921dd86448dad0ef70552a6.tar.xz | |
Bug 754090: Bugzilla::FlagType::match() crashes when the group parameter is not a number
a=LpSolit
Diffstat (limited to 'editflagtypes.cgi')
| -rwxr-xr-x | editflagtypes.cgi | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/editflagtypes.cgi b/editflagtypes.cgi index d78942c07..d75bebba2 100755 --- a/editflagtypes.cgi +++ b/editflagtypes.cgi @@ -156,6 +156,9 @@ if ($action eq 'list') { my $component_id = $component ? $component->id : 0; my $show_flag_counts = $cgi->param('show_flag_counts') ? 1 : 0; my $group_id = $cgi->param('group'); + if ($group_id) { + detaint_natural($group_id) || ThrowUserError('invalid_group_ID'); + } my $bug_flagtypes; my $attach_flagtypes; |