From: Max Kanat-Alexander <mkanat@bugzilla.org>
Date: Mon, 2 Aug 2010 00:48:22 +0000 (-0700)
Subject: Bug 583645: Make $dbh->quote always detaint its output, even on DBDs that
X-Git-Tag: bugzilla-4.1.1~340
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=16f1833e572297edd89faddb69364e09efecdfdb;p=thirdparty%2Fbugzilla.git

Bug 583645: Make $dbh->quote always detaint its output, even on DBDs that
don't normally detaint output from $dbh->quote.
r=LpSolit, a=LpSolit
---

diff --git a/Bugzilla/DB.pm b/Bugzilla/DB.pm
index 43fcd6e9a1..11e124fdac 100644
--- a/Bugzilla/DB.pm
+++ b/Bugzilla/DB.pm
@@ -94,6 +94,17 @@ use constant FULLTEXT_OR => '';
 use constant WORD_START => '(^|[^[:alnum:]])';
 use constant WORD_END   => '($|[^[:alnum:]])';
 
+#####################################################################
+# Overridden Superclass Methods 
+#####################################################################
+
+sub quote {
+    my $self = shift;
+    my $retval = $self->SUPER::quote(@_);
+    trick_taint($retval) if defined $retval;
+    return $retval;
+}
+
 #####################################################################
 # Connection Methods
 #####################################################################