diff options
| author | cyeh%bluemartini.com <> | 2000-08-30 03:01:07 +0200 |
|---|---|---|
| committer | cyeh%bluemartini.com <> | 2000-08-30 03:01:07 +0200 |
| commit | 8fa450e947a3f82ad25e282fbee99204b916315d (patch) | |
| tree | 519661e5a397ad3727094361e3470927baea1ee0 /process_bug.cgi | |
| parent | e3b268aef6a6aef0a0c0d4e609a649c4a466a107 (diff) | |
| download | bugzilla-8fa450e947a3f82ad25e282fbee99204b916315d.tar.gz bugzilla-8fa450e947a3f82ad25e282fbee99204b916315d.tar.xz | |
fix for 49063: no sanity checking when setting duplicate. sanity checking
is done for the dup id field, but not for the originating bug id.
now checks to see if the original bug id is valid as well, although i don't
understand how this could get corrupted in the first place
Diffstat (limited to 'process_bug.cgi')
| -rwxr-xr-x | process_bug.cgi | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/process_bug.cgi b/process_bug.cgi index 11cd5b3ec..3664e427f 100755 --- a/process_bug.cgi +++ b/process_bug.cgi @@ -528,6 +528,13 @@ SWITCH: for ($::FORM{'knob'}) { "make sense to mark a bug as a duplicate of " . "itself, does it?"); } + my $checkid = trim($::FORM{'id'}); + SendSQL("SELECT bug_id FROM bugs where bug_id = " . SqlQuote($checkid)); + $checkid = FetchOneColumn(); + if (!$checkid) { + PuntTryAgain("The bug id $::FORM{'id'} is invalid. Please reload this bug ". + "and try again."); + } AppendComment($num, $::FORM{'who'}, "*** Bug $::FORM{'id'} has been marked as a duplicate of this bug. ***"); if ( Param('strictvaluechecks') ) { CheckFormFieldDefined(\%::FORM,'comment'); |