Bug 523869: Insecure dependency error when trying to update some fields (problem...

author lpsolit%gmail.com <>

Fri, 23 Oct 2009 15:43:13 +0000 (15:43 +0000)

committer lpsolit%gmail.com <>

Fri, 23 Oct 2009 15:43:13 +0000 (15:43 +0000)
author lpsolit%gmail.com <>
Fri, 23 Oct 2009 15:43:13 +0000 (15:43 +0000)
committer lpsolit%gmail.com <>
Fri, 23 Oct 2009 15:43:13 +0000 (15:43 +0000)
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm

index 64a53b8a13097089fc99164b4be996af11ca9c1a..19e93f42c85a0d4c7e2dcab634f496fda24280e2 100644 (file)
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -3685,6 +3685,11 @@ sub AUTOLOAD {
        $self->{_multi_selects} ||= [Bugzilla->get_fields(
            {custom => 1, type => FIELD_TYPE_MULTI_SELECT })];
        if ( grep($_->name eq $attr, @{$self->{_multi_selects}}) ) {
+          # There is a bug in Perl 5.10.0, which is fixed in 5.10.1,
+          # which taints $attr at this point. trick_taint() can go
+          # away once we require 5.10.1 or newer.
+          trick_taint($attr);
+
            $self->{$attr} ||= Bugzilla->dbh->selectcol_arrayref(
                "SELECT value FROM bug_$attr WHERE bug_id = ? ORDER BY value",
                undef, $self->id);
author	lpsolit%gmail.com <>
	Fri, 23 Oct 2009 15:43:13 +0000 (15:43 +0000)
committer	lpsolit%gmail.com <>
	Fri, 23 Oct 2009 15:43:13 +0000 (15:43 +0000)