From a6562e03893e2d6f3c5719f4cc36e53067277959 Mon Sep 17 00:00:00 2001
From: Frédéric Buclin <LpSolit@gmail.com>
Date: Sun, 27 Mar 2016 00:30:17 +0100
Subject: Bug 987742 (part 2): correctly detaint $ENV{PATH} on Strawberry Perl

---
 Bugzilla.pm | 1 +
 1 file changed, 1 insertion(+)

(limited to 'Bugzilla.pm')

diff --git a/Bugzilla.pm b/Bugzilla.pm
index fba6d2a04..64cf15bb6 100644
--- a/Bugzilla.pm
+++ b/Bugzilla.pm
@@ -99,6 +99,7 @@ sub init_page {
                 my $c_path = $path = dirname($^X);
                 $c_path =~ s/\bperl\b(?=\\bin)/c/;
                 $path .= ";$c_path";
+                trick_taint($path);
             }
         }
         # Some environment variables are not taint safe
-- 
cgit v1.2.3-24-g4f1b