Bug 523869: Insecure dependency error when trying to update some fields (problem...

author lpsolit%gmail.com <>

Fri, 23 Oct 2009 15:37:40 +0000 (15:37 +0000)

committer lpsolit%gmail.com <>

Fri, 23 Oct 2009 15:37:40 +0000 (15:37 +0000)
author lpsolit%gmail.com <>
Fri, 23 Oct 2009 15:37:40 +0000 (15:37 +0000)
committer lpsolit%gmail.com <>
Fri, 23 Oct 2009 15:37:40 +0000 (15:37 +0000)
diff --git a/Bugzilla/Bug.pm b/Bugzilla/Bug.pm

index 98547cd95bd0140175a8236844ac5f173fd7200e..326c9d84d02b1039c0ada515544b655c493a8393 100644 (file)
--- a/Bugzilla/Bug.pm
+++ b/Bugzilla/Bug.pm
@@ -3709,6 +3709,11 @@ sub AUTOLOAD {
        $self->{_multi_selects} ||= [Bugzilla->get_fields(
            {custom => 1, type => FIELD_TYPE_MULTI_SELECT })];
        if ( grep($_->name eq $attr, @{$self->{_multi_selects}}) ) {
+          # There is a bug in Perl 5.10.0, which is fixed in 5.10.1,
+          # which taints $attr at this point. trick_taint() can go
+          # away once we require 5.10.1 or newer.
+          trick_taint($attr);
+
            $self->{$attr} ||= Bugzilla->dbh->selectcol_arrayref(
                "SELECT value FROM bug_$attr WHERE bug_id = ? ORDER BY value",
                undef, $self->id);
author	lpsolit%gmail.com <>
	Fri, 23 Oct 2009 15:37:40 +0000 (15:37 +0000)
committer	lpsolit%gmail.com <>
	Fri, 23 Oct 2009 15:37:40 +0000 (15:37 +0000)