From cf3aa532ea51a41b02c8ea73db254d01c03280ba Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Fri, 28 Oct 2005 17:33:18 +0000
Subject: Bug 314088: Several Bugzilla::Foo->new crash when passing a string
 instead of a valid ID as a param - Patch by Frédéric Buclin
 <LpSolit@gmail.com> r=kiko a=justdave
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 Bugzilla/Product.pm | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'Bugzilla/Product.pm')

diff --git a/Bugzilla/Product.pm b/Bugzilla/Product.pm
index 2bc9da52d..5405b1651 100644
--- a/Bugzilla/Product.pm
+++ b/Bugzilla/Product.pm
@@ -63,7 +63,10 @@ sub _init {
     my $id = $param unless (ref $param eq 'HASH');
     my $product;
 
-    if (defined $id && detaint_natural($id)) {
+    if (defined $id) {
+        detaint_natural($id)
+          || ThrowCodeError('param_must_be_numeric',
+                            {function => 'Bugzilla::Product::_init'});
 
         $product = $dbh->selectrow_hashref(qq{
             SELECT $columns FROM products
-- 
cgit v1.2.3-24-g4f1b