From b12ae43a0ab2ec794f770544de3038e49ec76da8 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com" <>
Date: Mon, 19 Dec 2005 03:16:10 +0000
Subject: [PATCH] =?utf8?q?Bug=20319082:=20"new=20Bugzilla::User($uid)"=20a?=
 =?utf8?q?llows=20you=20to=20pass=20invalid=20$uid=20-=20Patch=20by=20Fr?=
 =?utf8?q?=C3=A9d=C3=A9ric=20Buclin=20=20r=3Dmkanat=20a?=
 =?utf8?q?=3Djustdave?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

---
 Bugzilla/User.pm | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/Bugzilla/User.pm b/Bugzilla/User.pm
index 681bd5f5fa..85af4fd4df 100644
--- a/Bugzilla/User.pm
+++ b/Bugzilla/User.pm
@@ -66,10 +66,20 @@ use constant MATCH_SKIP_CONFIRM => 1;
 
 sub new {
     my $invocant = shift;
-    if (scalar @_ == 0) {
+    my $user_id = shift;
+
+    if ($user_id) {
+        my $uid = $user_id;
+        detaint_natural($user_id)
+          || ThrowCodeError('invalid_numeric_argument',
+                            {argument => 'userID',
+                             value => $uid,
+                             function => 'Bugzilla::User::new'});
+        return $invocant->_create("userid=?", $user_id);
+    }
+    else {
         return $invocant->_create;
     }
-    return $invocant->_create("userid=?", @_);
 }
 
 # This routine is sort of evil. Nothing except the login stuff should
@@ -82,8 +92,10 @@ sub new {
 # in the id its already had to validate (or the User.pm object, of course)
 sub new_from_login {
     my $invocant = shift;
+    my $login = shift;
+
     my $dbh = Bugzilla->dbh;
-    return $invocant->_create($dbh->sql_istrcmp('login_name', '?'), @_);
+    return $invocant->_create($dbh->sql_istrcmp('login_name', '?'), $login);
 }
 
 # Internal helper for the above |new| methods
-- 
2.47.2
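Review bot: The `if ($user_id)` test in `new` conflates "no argument given" with a false argument, so `Bugzilla::User->new(0)`, `->new('')` and `->new(undef)` all fall into the `else` branch and silently return the argument-less `_create` result instead of the invalid_numeric_argument error the patch is meant to raise. The old `scalar @_ == 0` check drew that line correctly; with the argument now shifted off, the equivalent is `if (defined $user_id) {`, which lets `detaint_natural` decide whether `0` or `''` is acceptable rather than the truthiness of the value. Copying the original into `$uid` before `detaint_natural` rewrites `$user_id` is the right way to keep the untainted value out of the error message. Whether `detaint_natural` accepts a bare `0` is not visible in this hunk, so the exact behaviour for `new(0)` after the change should be confirmed against Bugzilla::Util.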
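Review bot: `new_from_login` now takes a single `$login` but, unlike the reworked `new`, performs no check on it, so an undefined or empty login reaches `_create` and the placeholder query with no diagnostic pointing at the caller. Since the value is bound through the `'?'` placeholder rather than interpolated, this is a robustness rather than an injection concern, but a guard such as `ThrowCodeError(...) unless defined $login;` in the same style as `new` would keep the two constructors consistent; the exact error tag to use is not shown in this patch. The comment above the sub ("Nothing except the login stuff should ...") is cut off by the hunk, so it may already state that callers are expected to validate first.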