From 19117cc3e4da268d64107957e4c206d8df875505 Mon Sep 17 00:00:00 2001
From: Gervase Markham <gerv@mozilla.org>
Date: Wed, 21 Jan 2015 20:06:08 +0000
Subject: Bug 1079065: [SECURITY] Always use the 3 arguments form for open() to
 prevent shell code injection r=dkl,a=glob

---
 reports.cgi | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'reports.cgi')

diff --git a/reports.cgi b/reports.cgi
index cdc9d4a87..89dee1c9a 100755
--- a/reports.cgi
+++ b/reports.cgi
@@ -138,7 +138,7 @@ sub generate_chart {
     my ($dir, $image_file, $product, $datasets) = @_;
     my $data_file = $dir . '/' . $product->id;
 
-    if (! open FILE, $data_file) {
+    if (!open(FILE, '<', $data_file)) {
         ThrowCodeError('chart_data_not_generated', {'product' => $product});
     }
 
-- 
cgit v1.2.1