Bug 208647: Fixes taint error in add new products code.
authorjustdave%syndicomm.com <>
Sun, 26 Oct 2003 10:37:48 +0000 (10:37 +0000)
committerjustdave%syndicomm.com <>
Sun, 26 Oct 2003 10:37:48 +0000 (10:37 +0000)
Patch by jpyeron@pyerotechnics.com (Jason Pyeron)
r= bbaetz, a= justdave

editproducts.cgi

index 1782a74b8c3ece9a0d6c09827bdd7f011bdd41e7..c36537c2208c7b2656623055c7c46800ce780f2e 100755 (executable)
@@ -337,8 +337,15 @@ if ($action eq 'new') {
             SqlQuote($product) . "," .
             SqlQuote($description) . "," .
             SqlQuote($milestoneurl) . "," .
-            $disallownew . "," .
-            "$votesperuser, $maxvotesperbug, $votestoconfirm, " .
+            # had tainting issues under cygwin, IIS 5.0, perl -T %s %s
+            # see bug 208647. http://bugzilla.mozilla.org/show_bug.cgi?id=208647
+            # had to de-taint $disallownew, $votesperuser, $maxvotesperbug,
+            #  and $votestoconfirm w/ SqlQuote()
+            # - jpyeron@pyerotechnics.com
+            SqlQuote($disallownew) . "," .
+            SqlQuote($votesperuser) . "," .
+            SqlQuote($maxvotesperbug) . "," .
+            SqlQuote($votestoconfirm) . "," .
             SqlQuote($defaultmilestone) . ")");
     SendSQL("SELECT LAST_INSERT_ID()");
     my $product_id = FetchOneColumn();
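Review bot: The `SqlQuote()` calls added for `$disallownew`, `$votesperuser`, `$maxvotesperbug` and `$votestoconfirm` are used, per the added comment, to de-taint the values, but nothing in this hunk checks that they are actually numbers, so taint mode is satisfied without the validation it is meant to force. Quoting does stop the values from breaking out of the statement, but a non-numeric value now reaches the INSERT as a quoted string and the database is left to coerce or reject it. If these fields are not already checked earlier in the `if ($action eq 'new')` block, which starts outside this hunk, validate each one against an anchored pattern before building the query, for example `$votesperuser =~ /\A\d+\z/ or die "votesperuser must be a non-negative integer";` (using the project's own error routine in place of `die`). The five-line comment also sits in the middle of the concatenated expression; it would read better directly above the `SendSQL` call.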