From: bbaetz%student.usyd.edu.au <>
Date: Fri, 5 Apr 2002 15:48:27 +0000 (+0000)
Subject: bug 134562 - taint error in buglist.cgi
X-Git-Tag: bugzilla-2.16rc1~135
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=181d044266e61ffa073d1aa7ba252e812ac03c65;p=thirdparty%2Fbugzilla.git

bug 134562 - taint error in buglist.cgi
r=justdave, gerv
---

diff --git a/buglist.cgi b/buglist.cgi
index 2895ddd81c..53685e96d9 100755
--- a/buglist.cgi
+++ b/buglist.cgi
@@ -1226,8 +1226,12 @@ else {
 # Add the votes column to the list of columns to be displayed
 # in the bug list if the user is searching for bugs with a certain
 # number of votes and the votes column is not already on the list.
-push(@displaycolumns, 'votes') 
-  if $::FORM{'votes'} && !grep($_ eq 'votes', @displaycolumns);
+
+# Some versions of perl will taint 'votes' if this is done as a single
+# statement, because $::FORM{'votes'} is tainted at this point
+if (trim($::FORM{'votes'}) && !grep($_ eq 'votes', @displaycolumns)) {
+    push(@displaycolumns, 'votes');
+}
 
 
 ################################################################################