From feb2db26899e2bf8075850641ae627c253238bcd Mon Sep 17 00:00:00 2001
From: "myk%mozilla.org" <>
Date: Fri, 8 Nov 2002 07:28:38 +0000
Subject: Fix for bug 178800: fixes taint failure in graphical charts with Perl 5.6.0 r=gerv a=justdave
---
 report.cgi | 11 +++++++++++
 1 file changed, 11 insertions(+)
(limited to 'report.cgi')
diff --git a/report.cgi b/report.cgi
index 4c5952949..91d5074bc 100755
--- a/report.cgi
+++ b/report.cgi
@@ -109,6 +109,17 @@ $columns{'target_milestone'} = "bugs.target_milestone";
 # so that we always select 3 items in the query.
 $columns{''} = "42217354";
+# Validate the values in the axis fields or throw an error.
+!$row_field
+ || ($columns{$row_field} && trick_taint($row_field))
+ || ThrowCodeError("report_axis_invalid", { fld=>"x", val=>$row_field });
+!$col_field
+ || ($columns{$col_field} && trick_taint($col_field))
+ || ThrowCodeError("report_axis_invalid", { fld=>"y", val=>$col_field });
+!$tbl_field
+ || ($columns{$tbl_field} && trick_taint($tbl_field))
+ || ThrowCodeError("report_axis_invalid", { fld=>"z", val=>$tbl_field });
+
 my @axis_fields = ($row_field, $col_field, $tbl_field);
 my @selectnames = map($columns{$_}, @axis_fields);
-- 
cgit v1.2.3-24-g4f1b
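Review bot: The `!$row_field` guard on each of the three added checks is a truthiness test, so a submitted value of `0` is treated like an empty axis: it skips both the `%columns` lookup and `trick_taint()`, and then reaches `map($columns{$_}, @axis_fields)`, where it yields undef. Testing for absence explicitly, e.g. `(!defined $row_field || $row_field eq '')`, and using `exists $columns{$row_field}` for the allow-list lookup would send every non-empty value through validation; the same applies to `$col_field` and `$tbl_field`. The ordering in `$columns{...} && trick_taint(...)` is what keeps the untaint safe, and a one-line comment such as `# untaint only after the allow-list match; do not reorder` would protect it from later edits. The rejected value is passed to the error as `val`, so the `report_axis_invalid` template, which is outside this diff, presumably needs to HTML-filter it.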