From 89e86c9318b61fe67077d33e37cc625c06487581 Mon Sep 17 00:00:00 2001
From: Frédéric Buclin <LpSolit@gmail.com>
Date: Mon, 21 May 2012 20:06:17 +0200
Subject: Bug 754090: Bugzilla::FlagType::match() crashes when the group
 parameter is not a number a=LpSolit

---
 editflagtypes.cgi | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'editflagtypes.cgi')

diff --git a/editflagtypes.cgi b/editflagtypes.cgi
index 4603aee38..e9c430d7d 100755
--- a/editflagtypes.cgi
+++ b/editflagtypes.cgi
@@ -141,6 +141,9 @@ if ($action eq 'list') {
     my $component_id = $component ? $component->id : 0;
     my $show_flag_counts = $cgi->param('show_flag_counts') ? 1 : 0;
     my $group_id = $cgi->param('group');
+    if ($group_id) {
+        detaint_natural($group_id) || ThrowUserError('invalid_group_ID');
+    }
 
     my $bug_flagtypes;
     my $attach_flagtypes;
-- 
cgit v1.2.3-24-g4f1b