From d38fe0e5cab4a7efaba8a79a22a85b0e67817441 Mon Sep 17 00:00:00 2001
From: "terry%mozilla.org" <>
Date: Wed, 8 Mar 2000 02:22:41 +0000
Subject: Patch by Brian Duggan <bduggan@oven.com> -- security improvements.

---
 CGI.pl | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'CGI.pl')

diff --git a/CGI.pl b/CGI.pl
index 8f80826d2..c8dc98e2c 100644
--- a/CGI.pl
+++ b/CGI.pl
@@ -842,6 +842,9 @@ sub CheckIfVotedConfirmed {
 sub DumpBugActivity {
     my ($id, $starttime) = (@_);
     my $datepart = "";
+
+    die "Invalid id: $id" unless $id=~/^\s*\d+\s*$/;
+
     if (defined $starttime) {
         $datepart = "and bugs_activity.bug_when >= $starttime";
     }
-- 
cgit v1.2.1