From 74482be2ee7604873241a65f50dbc0b922d68d39 Mon Sep 17 00:00:00 2001
From: "justdave%syndicomm.com" <>
Date: Sun, 18 Jan 2004 10:44:54 +0000
Subject: [PATCH] Bug 227510: The shadowdb parameter wasn't getting detainted
 before using it to create the shadowdb. r= myk, a= justdave

---
 defparams.pl | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/defparams.pl b/defparams.pl
index 4332b0ecab..106da06879 100644
--- a/defparams.pl
+++ b/defparams.pl
@@ -93,6 +93,12 @@ sub check_numeric {
 sub check_shadowdb {
     my ($value) = (@_);
     $value = trim($value);
+    if ($value =~ /^([A-Za-z0-9_]+)$/) {
+        $value = $1;
+    }
+    else {
+        return "Invalid database name.  Database names must include only alphanumeric characters and underscores.";
+    }
     if ($value eq "") {
         return "";
     }
-- 
2.47.2