diff options
| author | bbaetz%student.usyd.edu.au <> | 2002-02-05 06:16:18 +0000 |
|---|---|---|
| committer | bbaetz%student.usyd.edu.au <> | 2002-02-05 06:16:18 +0000 |
| commit | f15fc6e6632c6a360b5f620cf929084a07a4c403 (patch) | |
| tree | 625d7cd16bd0e24e1015c923d1dc8aff0e9bd40b | |
| parent | a063aa364c6cafb341a1884691516fcc78a1187a (diff) | |
| download | bugs-f15fc6e6632c6a360b5f620cf929084a07a4c403.tar bugs-f15fc6e6632c6a360b5f620cf929084a07a4c403.tar.gz bugs-f15fc6e6632c6a360b5f620cf929084a07a4c403.tar.bz2 bugs-f15fc6e6632c6a360b5f620cf929084a07a4c403.tar.xz bugs-f15fc6e6632c6a360b5f620cf929084a07a4c403.zip | |
bug 122418 - setting attachment status fails taint checks. Just needed to
detaint after checking.
r=gerv,kiko
| -rwxr-xr-x | attachment.cgi | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/attachment.cgi b/attachment.cgi index 5996aa86d..368ad702e 100755 --- a/attachment.cgi +++ b/attachment.cgi @@ -257,6 +257,8 @@ sub validateStatuses || DisplayError("One of the statuses you entered is not a valid status for this attachment.") && exit; + # We have tested that the status is valid, so it can be detainted + detaint_natural($status); } } |