From 91225228cd8b8f132a496c2d078c14ffb8ecbab3 Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Wed, 4 May 2005 02:41:22 +0000 Subject: Bug 279303: Negative numbers are rejected as invalid sortkeys for milestones - Patch by Peter D. Stout r=LpSolit a=justdave --- Bugzilla/Util.pm | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'Bugzilla/Util.pm') diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm index 2c45e077f..70b4c6845 100644 --- a/Bugzilla/Util.pm +++ b/Bugzilla/Util.pm @@ -30,6 +30,7 @@ use strict; use base qw(Exporter); @Bugzilla::Util::EXPORT = qw(is_tainted trick_taint detaint_natural + detaint_signed html_quote url_quote value_quote xml_quote css_class_quote lsearch max min @@ -69,6 +70,16 @@ sub detaint_natural { return (defined($_[0])); } +sub detaint_signed { + $_[0] =~ /^([-+]?\d+)$/; + $_[0] = $1; + # Remove any leading plus sign. + if (defined($_[0]) && $_[0] =~ /^\+(\d+)$/) { + $_[0] = $1; + } + return (defined($_[0])); +} + sub html_quote { my ($var) = (@_); $var =~ s/\&/\&/g; @@ -325,6 +336,7 @@ Bugzilla::Util - Generic utility functions for bugzilla $rv = is_tainted($var); trick_taint($var); detaint_natural($var); + detaint_signed($var); # Functions for quoting html_quote($var); @@ -393,6 +405,12 @@ This routine detaints a natural number. It returns a true value if the value passed in was a valid natural number, else it returns false. You B check the result of this routine to avoid security holes. +=item C + +This routine detaints a signed integer. It returns a true value if the +value passed in was a valid signed integer, else it returns false. You +B check the result of this routine to avoid security holes. + =back =head2 Quoting -- cgit v1.2.3-24-g4f1b
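Review bot: In `detaint_signed`, `$_[0] = $1;` runs whether or not the preceding match succeeded, and Perl does not clear `$1` when a match fails. Capture variables are dynamically scoped, so on a failed match the sub can see whatever the caller's last successful match captured. The argument would then be overwritten with an unrelated value and the function would return true for input that never matched the signed-integer pattern. Tie the assignment to the match result, for example `$_[0] = ($_[0] =~ /^([-+]?\d+)$/) ? $1 : undef;`, and leave the plus-sign strip as it is. The `detaint_natural` tail visible as context suggests it may share this shape, but its body is outside the hunk, so that needs checking in the file.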