From: lpsolit%gmail.com <>
Date: Sat, 21 Oct 2006 06:22:38 +0000 (+0000)
Subject: Bug 356328: $rankdir should be validated in showdependencygraph.cgi - Patch by Frédér... 
X-Git-Tag: bugzilla-2.22.2~45
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4f3b5be9c8c327d00e22e0686ab0e7b10feab32a;p=thirdparty%2Fbugzilla.git

Bug 356328: $rankdir should be validated in showdependencygraph.cgi - Patch by Frédéric Buclin <LpSolit@gmail.com> r=bkor a=myk
---

diff --git a/showdependencygraph.cgi b/showdependencygraph.cgi
index d2d18dd548..22d1c49f86 100755
--- a/showdependencygraph.cgi
+++ b/showdependencygraph.cgi
@@ -99,7 +99,15 @@ sub AddLink {
     }
 }
 
+# The list of valid directions. Some are not proposed in the dropdrown
+# menu despite they are valid ones.
+my @valid_rankdirs = ('LR', 'RL', 'TB', 'BT');
+
 my $rankdir = $cgi->param('rankdir') || "LR";
+# Make sure the submitted 'rankdir' value is valid.
+if (lsearch(\@valid_rankdirs, $rankdir) < 0) {
+    $rankdir = 'LR';
+}
 
 if (!defined $cgi->param('id') && !defined $cgi->param('doall')) {
     ThrowCodeError("missing_bug_id");