From 91225228cd8b8f132a496c2d078c14ffb8ecbab3 Mon Sep 17 00:00:00 2001 From: "lpsolit%gmail.com" <> Date: Wed, 4 May 2005 02:41:22 +0000 Subject: Bug 279303: Negative numbers are rejected as invalid sortkeys for milestones - Patch by Peter D. Stout r=LpSolit a=justdave --- editmilestones.cgi | 35 +++++++++++++++++++---------------- 1 file changed, 19 insertions(+), 16 deletions(-) (limited to 'editmilestones.cgi') diff --git a/editmilestones.cgi b/editmilestones.cgi index 5c9e21468..32e6790c2 100755 --- a/editmilestones.cgi +++ b/editmilestones.cgi @@ -116,6 +116,21 @@ sub CheckMilestone ($$) } } +sub CheckSortkey ($$) +{ + my ($milestone, $sortkey) = @_; + # Keep a copy in case detaint_signed() clears the sortkey + my $stored_sortkey = $sortkey; + + if (!detaint_signed($sortkey) || $sortkey < -32768 || $sortkey > 32767) { + ThrowUserError('milestone_sortkey_invalid', + {'name' => $milestone, + 'sortkey' => $stored_sortkey}); + } + + return $sortkey; +} + # # Preliminary checks: # @@ -261,13 +276,8 @@ if ($action eq 'new') { {'name' => $milestone}); } - # Need to store in case detaint_natural() clears the sortkey - my $stored_sortkey = $sortkey; - if (!detaint_natural($sortkey)) { - ThrowUserError('milestone_sortkey_invalid', - {'name' => $milestone, - 'sortkey' => $stored_sortkey}); - } + $sortkey = CheckSortkey($milestone, $sortkey); + if (TestMilestone($product, $milestone)) { ThrowUserError('milestone_already_exists', {'name' => $milestone, @@ -453,15 +463,8 @@ if ($action eq 'update') { 'milestones WRITE', 'products WRITE'); - # Need to store because detaint_natural() will delete this if - # invalid - my $stored_sortkey = $sortkey; - if ($sortkey != $sortkeyold) { - if (!detaint_natural($sortkey)) { - ThrowUserError('milestone_sortkey_invalid', - {'name' => $milestone, - 'sortkey' => $stored_sortkey}); - } + if ($sortkey ne $sortkeyold) { + $sortkey = CheckSortkey($milestone, $sortkey); trick_taint($milestoneold); -- cgit v1.2.3-24-g4f1b