From be62e41e9ca2f80634e87174320a74d426c47b04 Mon Sep 17 00:00:00 2001
From: "lpsolit%gmail.com"
Date: Wed, 4 Oct 2006 19:47:28 +0000
Subject: [PATCH] =?UTF-8?q?Bug=20355230:=20[PostgreSQL]=20Crash=20if=20sha?=
 =?UTF-8?q?rer=5Fid=20is=20not=20an=20integer=20-=20Patch=20by=20Fr?=
 =?UTF-8?q?=EF=BF=BDd=EF=BF=BDric=20Buclin=20=20r=3Dwur?=
 =?UTF-8?q?blzap=20a=3Dmyk?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 webtools/bugzilla/buglist.cgi | 3 ++-
 .../template/en/default/global/user-error.html.tmpl | 6 ++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/webtools/bugzilla/buglist.cgi b/webtools/bugzilla/buglist.cgi
index d226ec8a88f..44565f1af9d 100755
--- a/webtools/bugzilla/buglist.cgi
+++ b/webtools/bugzilla/buglist.cgi
@@ -221,8 +221,9 @@ sub LookupNamedQuery {
 $name || ThrowUserError("query_name_missing");
 trick_taint($name);
 if ($sharer_id) {
- trick_taint($sharer_id);
 $owner_id = $sharer_id;
+ detaint_natural($owner_id);
+ $owner_id || ThrowUserError('illegal_user_id', {'userid' => $sharer_id});
 }
 else {
 $owner_id = $user->id;
diff --git a/webtools/bugzilla/template/en/default/global/user-error.html.tmpl b/webtools/bugzilla/template/en/default/global/user-error.html.tmpl
index 58eaf5893d9..3fdc24d4deb 100644
--- a/webtools/bugzilla/template/en/default/global/user-error.html.tmpl
+++ b/webtools/bugzilla/template/en/default/global/user-error.html.tmpl
@@ -966,7 +966,7 @@
 [% docslinks = {'query.html' => "Searching for $terms.bugs",
 'list.html' => "$terms.Bug lists"} %]
 The search named [% queryname FILTER html %]
- [% IF sharer_id %]
+ [% IF sharer_id && sharer_id != user.id %]
 has not been made visible to you.
 [% ELSE %]
 does not exist.
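Review bot: The new error line hands the raw, still-tainted `$sharer_id` to ThrowUserError as `userid`, which is only safe if the `illegal_user_id` branch of user-error.html.tmpl renders it through `FILTER html`; that branch is not in this patch, so please confirm it does. Because `trick_taint($sharer_id)` is gone, `$sharer_id` remains tainted after this block and only `$owner_id` is clean; any later use of `$sharer_id` in a query in the rest of LookupNamedQuery (the sub begins and continues outside the hunk) would now fail under taint mode and should read `$owner_id` instead. `detaint_natural` returns whether the value matched (per Bugzilla::Util), so the two added lines read more directly as `detaint_natural($owner_id) || ThrowUserError('illegal_user_id', {'userid' => $sharer_id});`, which also avoids relying on the truthiness of the detainted id.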
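Review bot: In Template Toolkit `!=` compiles to a string comparison, so the new `sharer_id != user.id` test treats a sharer_id such as `07` as different from the viewer's own id 7 and still prints "has not been made visible to you" for the user's own query; the buglist.cgi check added in this patch accepts any run of digits, so a leading zero is not rejected there either. If that case matters, compare numerically, e.g. `[% IF sharer_id && sharer_id + 0 != user.id + 0 %]`, or have the caller pass the normalised owner id rather than the raw parameter (I cannot see from this hunk where `sharer_id` is set for this branch). The enclosing ELSIF branch starts and ends outside the hunk.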
@@ -1521,8 +1521,10 @@ # search from any error call location. %] [% namedcmd = Bugzilla.cgi.param("namedcmd") %] +[% sharer_id = Bugzilla.cgi.param("sharer_id") %] [% IF namedcmd AND error != "missing_query" - AND error != "saved_search_used_by_whines" %] + AND error != "saved_search_used_by_whines" + AND !sharer_id %]

Alternatively, you can