[SECURITY] Bug 214290: A user with 'editproducts' privileges (i.e. usually an adminis...
authorjustdave%syndicomm.com <>
Mon, 3 Nov 2003 11:44:38 +0000 (11:44 +0000)
committerjustdave%syndicomm.com <>
Mon, 3 Nov 2003 11:44:38 +0000 (11:44 +0000)
Patch by Dave Miller <justdave@bugzilla.org>
r= gerv, bbaetz   a= justdave

collectstats.pl

index 2a29bb9f5c4ef1b2e826c731dd2deec1d08751ba..5d96e5b16debfa47cd3ca03bf668f34665247aef 100755 (executable)
@@ -82,7 +82,7 @@ sub collect_stats {
             if( $product eq "-All-" ) {
                 SendSQL("select count(bug_status) from bugs where bug_status='$status'");
             } else {
-                SendSQL("select count(bug_status) from bugs where bug_status='$status' and product='$product'");
+                SendSQL("select count(bug_status) from bugs where bug_status='$status' and product=" . SqlQuote($product));
             }
 
             push @row, FetchOneColumn();
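Review bot: `$status` is still interpolated between hand-written quotes in both branches of this hunk, and `$resolution` likewise in the second hunk (-92), so only the product value goes through `SqlQuote`. These values may well come from a fixed list inside collect_stats, but that part of the function lies outside both hunks and cannot be confirmed from here. Quoting them the same way puts every value in the statement on one escaping path, e.g. `SendSQL("select count(bug_status) from bugs where bug_status=" . SqlQuote($status) . " and product=" . SqlQuote($product));`. Going by the commit title, a comment such as `# product names are set by 'editproducts' users; never interpolate them unquoted` above the call would record why this value is treated as untrusted.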
@@ -92,7 +92,7 @@ sub collect_stats {
             if( $product eq "-All-" ) {
                 SendSQL("select count(resolution) from bugs where resolution='$resolution'");
             } else {
-                SendSQL("select count(resolution) from bugs where resolution='$resolution' and product='$product'");
+                SendSQL("select count(resolution) from bugs where resolution='$resolution' and product=" . SqlQuote($product));
             }
 
             push @row, FetchOneColumn();