diff options
| author | Frédéric Buclin <LpSolit@gmail.com> | 2012-05-21 20:06:17 +0200 |
|---|---|---|
| committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-05-21 20:06:17 +0200 |
| commit | 89e86c9318b61fe67077d33e37cc625c06487581 (patch) | |
| tree | 2de87f67791faa81cef15962774d4417f1edd76b /editflagtypes.cgi | |
| parent | cb114a086e9d68706f326adcc30b149fb06170d1 (diff) | |
| download | bugzilla-89e86c9318b61fe67077d33e37cc625c06487581.tar.gz bugzilla-89e86c9318b61fe67077d33e37cc625c06487581.tar.xz | |
Bug 754090: Bugzilla::FlagType::match() crashes when the group parameter is not a number
a=LpSolit
Diffstat (limited to 'editflagtypes.cgi')
| -rwxr-xr-x | editflagtypes.cgi | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/editflagtypes.cgi b/editflagtypes.cgi index 4603aee38..e9c430d7d 100755 --- a/editflagtypes.cgi +++ b/editflagtypes.cgi @@ -141,6 +141,9 @@ if ($action eq 'list') { my $component_id = $component ? $component->id : 0; my $show_flag_counts = $cgi->param('show_flag_counts') ? 1 : 0; my $group_id = $cgi->param('group'); + if ($group_id) { + detaint_natural($group_id) || ThrowUserError('invalid_group_ID'); + } my $bug_flagtypes; my $attach_flagtypes; |