From: lpsolit%gmail.com <>
Date: Thu, 10 Nov 2005 07:40:50 +0000 (+0000)
Subject: Bug 314919: [PostgreSQL] "Find a Specific Bug" using Pg fails - Patch by Frédéric... 
X-Git-Tag: bugzilla-2.22rc1~155
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d18833467afdeaea11fe0deae3495e36dca209e0;p=thirdparty%2Fbugzilla.git

Bug 314919: [PostgreSQL] "Find a Specific Bug" using Pg fails - Patch by Frédéric Buclin <LpSolit@gmail.com> r=joel a=myk
---

diff --git a/Bugzilla/DB.pm b/Bugzilla/DB.pm
index 263f545af4..f031637d55 100644
--- a/Bugzilla/DB.pm
+++ b/Bugzilla/DB.pm
@@ -272,6 +272,9 @@ sub sql_fulltext_search {
     # in LIKE search clauses
     @words = map($self->quote("%$_%"), @words);
 
+    # untaint words, since they are safe to use now that we've quoted them
+    map(trick_taint($_), @words);
+
     # turn the words into a set of LIKE search clauses
     @words = map("LOWER($column) LIKE $_", @words);