From: justdave%syndicomm.com <>
Date: Sun, 18 Jan 2004 10:44:54 +0000 (+0000)
Subject: Bug 227510: The shadowdb parameter wasn't getting detainted before using it to create... 
X-Git-Tag: bugzilla-2.16.5~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=74482be2ee7604873241a65f50dbc0b922d68d39;p=thirdparty%2Fbugzilla.git

Bug 227510: The shadowdb parameter wasn't getting detainted before using it to create the shadowdb.
r= myk, a= justdave
---

diff --git a/defparams.pl b/defparams.pl
index 4332b0ecab..106da06879 100644
--- a/defparams.pl
+++ b/defparams.pl
@@ -93,6 +93,12 @@ sub check_numeric {
 sub check_shadowdb {
     my ($value) = (@_);
     $value = trim($value);
+    if ($value =~ /^([A-Za-z0-9_]+)$/) {
+        $value = $1;
+    }
+    else {
+        return "Invalid database name.  Database names must include only alphanumeric characters and underscores.";
+    }
     if ($value eq "") {
         return "";
     }