Bug 220332: Insecure dependency in exec while running with -T switch at process_bug...

author jocuri%softhome.net <>

Sun, 19 Oct 2003 15:32:46 +0000 (15:32 +0000)

committer jocuri%softhome.net <>

Sun, 19 Oct 2003 15:32:46 +0000 (15:32 +0000)
author jocuri%softhome.net <>
Sun, 19 Oct 2003 15:32:46 +0000 (15:32 +0000)
committer jocuri%softhome.net <>
Sun, 19 Oct 2003 15:32:46 +0000 (15:32 +0000)
diff --git a/process_bug.cgi b/process_bug.cgi

index aa8b668db7d970a1a4f05e1eb6463577a5b0dcde..205b3f3663cc28c128485033c4a55061af236b42 100755 (executable)
--- a/process_bug.cgi
+++ b/process_bug.cgi
@@ -568,6 +568,8 @@ if (defined $::FORM{newcc} || defined $::FORM{removecc} || defined $::FORM{massc
          $cc_remove =~ s/[\s,]+/ /g; # Change all delimiters to a single space
          foreach my $person ( split(" ", $cc_remove) ) {
              my $pid = DBNameToIdAndCheck($person);
+            # if we got here, the DB has already verified the email
+            trick_taint($person);
              $cc_remove{$pid} = $person;
          }
      }
author	jocuri%softhome.net <>
	Sun, 19 Oct 2003 15:32:46 +0000 (15:32 +0000)
committer	jocuri%softhome.net <>
	Sun, 19 Oct 2003 15:32:46 +0000 (15:32 +0000)