From d38fe0e5cab4a7efaba8a79a22a85b0e67817441 Mon Sep 17 00:00:00 2001
From: "terry%mozilla.org" <>
Date: Wed, 8 Mar 2000 02:22:41 +0000
Subject: Patch by Brian Duggan <bduggan@oven.com> -- security improvements.

---
 createattachment.cgi | 1 +
 1 file changed, 1 insertion(+)

(limited to 'createattachment.cgi')

diff --git a/createattachment.cgi b/createattachment.cgi
index 1eaf9b1ea..fa370d710 100755
--- a/createattachment.cgi
+++ b/createattachment.cgi
@@ -41,6 +41,7 @@ confirm_login();
 print "Content-type: text/html\n\n";
 
 my $id = $::FORM{'id'};
+die "invalid id: $id" unless $id=~/^\s*\d+\s*$/;
 
 PutHeader("Create an attachment", "Create attachment", "Bug $id");
 
-- 
cgit v1.2.3-24-g4f1b