From 39e8d6dc7a8371433d8260b86ebc12396da1de7a Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Tue, 21 Feb 2006 07:32:08 +0000
Subject: [SECURITY] editparams.cgi doesn't check whether 'whinedays' and
 'mostfreqthreshold' are numeric - Patch by Frédéric Buclin
 <LpSolit@gmail.com> r=wicked a=justdave
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Bugzilla/Config/MTA.pm   | 3 ++-
 Bugzilla/Config/Query.pm | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

(limited to 'Bugzilla/Config')

diff --git a/Bugzilla/Config/MTA.pm b/Bugzilla/Config/MTA.pm
index 61569e2d3..50aa8c85d 100644
--- a/Bugzilla/Config/MTA.pm
+++ b/Bugzilla/Config/MTA.pm
@@ -104,7 +104,8 @@ Configure bugmail: %urlbase%userprefs.cgi?tab=email
   {
    name => 'whinedays',
    type => 't',
-   default => 7
+   default => 7,
+   checker => \&check_numeric
   },
 
   {
diff --git a/Bugzilla/Config/Query.pm b/Bugzilla/Config/Query.pm
index b86339fc9..e3996a0ee 100644
--- a/Bugzilla/Config/Query.pm
+++ b/Bugzilla/Config/Query.pm
@@ -51,7 +51,8 @@ sub get_param_list {
   {
    name => 'mostfreqthreshold',
    type => 't',
-   default => '2'
+   default => '2',
+   checker => \&check_numeric
   },
 
   {
-- 
cgit v1.2.3-24-g4f1b