From: mkanat%bugzilla.org <>
Date: Tue, 22 Sep 2009 00:17:39 +0000 (+0000)
Subject: Bug 517502: The Security patch in 3.0.9 broke some WebService Bug.create parameters... 
X-Git-Tag: bugzilla-3.0.10~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=50151c0a4a48b073be2c7ddc9bb12e81ce7fb092;p=thirdparty%2Fbugzilla.git

Bug 517502: The Security patch in 3.0.9 broke some WebService Bug.create parameters (the ones where the API name is different from the internal name)
---

diff --git a/Bugzilla/WebService/Bug.pm b/Bugzilla/WebService/Bug.pm
index 480e5fb96e..75f8f50938 100644
--- a/Bugzilla/WebService/Bug.pm
+++ b/Bugzilla/WebService/Bug.pm
@@ -114,7 +114,7 @@ sub create {
     foreach my $field (keys %$params) {
         my $field_name = FIELD_MAP->{$field} || $field;
         # Prevent SQL Injection via key names.
-        _check_valid_field($field);
+        _check_valid_field($field_name);
         $field_values{$field_name} = $params->{$field}; 
     }