]> git.ipfire.org Git - thirdparty/bugzilla.git/commitdiff
projects / thirdparty / bugzilla.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 39e9e3e)
Bug 224021: taint issues in editusers.cgi
authorjouni%heikniemi.net <>
Sun, 23 May 2004 14:32:00 +0000 (14:32 +0000)
committerjouni%heikniemi.net <>
Sun, 23 May 2004 14:32:00 +0000 (14:32 +0000)
Patch by byron jones <bugzilla@glob.com.au>
r=jouni, a=justdave

editusers.cgi patch | blob | blame | history

diff --git a/editusers.cgi b/editusers.cgi
index abe4b6194e1c3f3443d7e8f61e372c13f79a13b8..f83a649846831a0e6fae966daa811d2e6c35deff 100755 (executable)
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -323,6 +323,7 @@ if ($action eq 'list') {
       $query = "SELECT login_name,realname,disabledtext " .
           "FROM profiles WHERE " . $::FORM{'query'} . " ORDER BY login_name";
     } elsif (exists $::FORM{'group'}) {
+      detaint_natural($::FORM{'group'});
       $query = "SELECT DISTINCT login_name,realname,disabledtext " .
           "FROM profiles, user_group_map WHERE profiles.userid = user_group_map.user_id
            AND group_id=" . $::FORM{'group'} . " ORDER BY login_name";
Mirror of https://github.com/bugzilla/bugzilla.git