diff options
| author | terry%mozilla.org <> | 2000-03-08 02:22:41 +0000 |
|---|---|---|
| committer | terry%mozilla.org <> | 2000-03-08 02:22:41 +0000 |
| commit | d38fe0e5cab4a7efaba8a79a22a85b0e67817441 (patch) | |
| tree | d090c36e14e128eb6c65e3b4d5d576ba78647650 /createattachment.cgi | |
| parent | 77f66018f328fe5321fa95d76515a187231ad1f0 (diff) | |
| download | bugs-d38fe0e5cab4a7efaba8a79a22a85b0e67817441.tar bugs-d38fe0e5cab4a7efaba8a79a22a85b0e67817441.tar.gz bugs-d38fe0e5cab4a7efaba8a79a22a85b0e67817441.tar.bz2 bugs-d38fe0e5cab4a7efaba8a79a22a85b0e67817441.tar.xz bugs-d38fe0e5cab4a7efaba8a79a22a85b0e67817441.zip | |
Patch by Brian Duggan <bduggan@oven.com> -- security improvements.
Diffstat (limited to 'createattachment.cgi')
| -rwxr-xr-x | createattachment.cgi | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/createattachment.cgi b/createattachment.cgi index 1eaf9b1ea..fa370d710 100755 --- a/createattachment.cgi +++ b/createattachment.cgi @@ -41,6 +41,7 @@ confirm_login(); print "Content-type: text/html\n\n"; my $id = $::FORM{'id'}; +die "invalid id: $id" unless $id=~/^\s*\d+\s*$/; PutHeader("Create an attachment", "Create attachment", "Bug $id"); |