From: dkl%redhat.com <>
Date: Thu, 3 Jan 2002 14:15:55 +0000 (+0000)
Subject: SECURITY FIX for bug 117614; Undefined subroutine &main::detaint_natural called at... 
X-Git-Tag: bugzilla-2.14.2~11
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9cfd61b715c6c35a79192c92efe9531a9d27bfd1;p=thirdparty%2Fbugzilla.git

SECURITY FIX for bug 117614; Undefined subroutine &main::detaint_natural called at editusers.cgi line 739. Patch bug David D. Kilzer <ddkilzer@theracingworld.com> r=justdave,dkl
---

diff --git a/globals.pl b/globals.pl
index 91bed7794c..cfb0325249 100644
--- a/globals.pl
+++ b/globals.pl
@@ -20,6 +20,7 @@
 # Contributor(s): Terry Weissman <terry@mozilla.org>
 #                 Dan Mosedale <dmose@mozilla.org>
 #                 Jake <jake@acutex.net>
+#                 Bradley Baetz <bbaetz@cs.mcgill.ca>
 
 # Contains some global variables and routines used throughout bugzilla.
 
@@ -835,6 +836,12 @@ sub detaint_string {
     $str = $1;
 }
 
+sub detaint_natural {
+    $_[0] =~ /^(\d+)$/;
+    $_[0] = $1;
+    return (defined($_[0]));
+}
+
 # This routine quoteUrls contains inspirations from the HTML::FromText CPAN
 # module by Gareth Rees <garethr@cre.canon.co.uk>.  It has been heavily hacked,
 # all that is really recognizable from the original is bits of the regular