bug 122418 - setting attachment status fails taint checks. Just needed to

detaint after checking.
r=gerv,kiko

diff --git a/attachment.cgi b/attachment.cgi
index 5996aa86d05c8fc612ba7f98811bd1b5fc5499de..368ad702e2c0c932619f9a4ec5944d6d6a891c9e 100755 (executable)
--- a/attachment.cgi
+++ b/attachment.cgi
@@ -257,6 +257,8 @@ sub validateStatuses
       || DisplayError("One of the statuses you entered is not a valid status
                        for this attachment.")
         && exit;
+    # We have tested that the status is valid, so it can be detainted
+    detaint_natural($status);
   }
 }