Patch for bug 250265: fix taint issues with vote fields when editing products; patch by GavinS <bugzilla@chimpychompy.org> slightly updated by me; r=joel; a=justdave.
parent
5e54da8e32
commit
bfee2e2d2a
@ -1075,12 +1075,24 @@ if ($action eq 'update') {
|
||||
CheckProduct($productold);
|
||||
my $product_id = get_product_id($productold);
|
||||
|
||||
if ($maxvotesperbug !~ /^\d+$/ || $maxvotesperbug <= 0) {
|
||||
if (!detaint_natural($maxvotesperbug) || $maxvotesperbug == 0) {
|
||||
print "Sorry, the max votes per bug must be a positive integer.";
|
||||
PutTrailer($localtrailer);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!detaint_natural($votesperuser)) {
|
||||
print "Sorry, the votes per user must be an integer >= 0.";
|
||||
PutTrailer($localtrailer);
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!detaint_natural($votestoconfirm)) {
|
||||
print "Sorry, the votes to confirm must be an integer >= 0.";
|
||||
PutTrailer($localtrailer);
|
||||
exit;
|
||||
}
|
||||
|
||||
# Note that we got the $product_id using $productold above so it will
|
||||
# remain static even after we rename the product in the database.
|
||||
|
||||
|
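Review bot: The three `detaint_natural` checks bound the vote fields only from below, so a digit string of any length passes validation. If these values are later written to fixed-width integer columns (the storage code is not visible in this hunk), an oversized value would either be rejected by the database or be stored as something other than what the administrator entered. An explicit ceiling closes that gap, for example `if (!detaint_natural($votesperuser) || $votesperuser > $max_votes) {`, where `$max_votes` is a placeholder for a limit the project chooses. A short comment above the first check, such as `# detaint_natural() validates and untaints its argument in place, so run these checks before the fields are used.`, would also record why the order matters. The enclosing `if ($action eq 'update')` block starts before this hunk and continues past it.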