diff options
| author | gerv%gerv.net <> | 2002-09-27 08:25:11 +0200 |
|---|---|---|
| committer | gerv%gerv.net <> | 2002-09-27 08:25:11 +0200 |
| commit | 37dc5c7799eb5a6d7385f6fda76bb96747979a09 (patch) | |
| tree | 024c0a39f671ad56684493ea2182a5db5ffe11e9 /globals.pl | |
| parent | ca45228232819bfccdb6dca4f89fe45d3923f333 (diff) | |
| download | bugzilla-37dc5c7799eb5a6d7385f6fda76bb96747979a09.tar.gz bugzilla-37dc5c7799eb5a6d7385f6fda76bb96747979a09.tar.xz | |
Bug 170986 - General Summary reports don't work with taint checking. Also fixes Throw*Error's $extra_vars parameter. Patch by gerv; r=bbaetz.
Diffstat (limited to 'globals.pl')
| -rw-r--r-- | globals.pl | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/globals.pl b/globals.pl index 64031bc85..a6a751562 100644 --- a/globals.pl +++ b/globals.pl @@ -1637,6 +1637,8 @@ sub GetFormat { # Security - allow letters and a hyphen only $ctype =~ s/[^a-zA-Z\-]//g; $format =~ s/[^a-zA-Z\-]//g; + trick_taint($ctype); + trick_taint($format); $template .= ($format ? "-$format" : ""); $template .= ".$ctype.tmpl"; |