From 3c34001bd91b5eb8bb69e012eba7d65cc7e31046 Mon Sep 17 00:00:00 2001
From: vfilippov <vfilippov@6955db30-a419-402b-8a0d-67ecbb4d7f56>
Date: Fri, 13 Jan 2012 12:01:10 +0000
Subject: [PATCH] Bug 75890 - CVE-2011-3657
 (https://bugzilla.mozilla.org/show_bug.cgi?id=697699)

git-svn-id: svn://svn.office.custis.ru/3rdparty/bugzilla.org/trunk@1501 6955db30-a419-402b-8a0d-67ecbb4d7f56
---
 Bugzilla/Chart.pm | 4 ++--
 report.cgi        | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/Bugzilla/Chart.pm b/Bugzilla/Chart.pm
index 58089d29e..0cd257b23 100644
--- a/Bugzilla/Chart.pm
+++ b/Bugzilla/Chart.pm
@@ -435,10 +435,10 @@ sub dump {
 
     # Make sure we've read in our data
     my $data = $self->data;
-    
+
     require Data::Dumper;
     print "<pre>Bugzilla::Chart object:\n";
-    print Data::Dumper::Dumper($self);
+    print html_quote(Data::Dumper::Dumper($self));
     print "</pre>";
 }
 
diff --git a/report.cgi b/report.cgi
index 30c89f241..63f708df7 100755
--- a/report.cgi
+++ b/report.cgi
@@ -303,9 +303,9 @@ $cgi->send_header(-type => $format->{'ctype'},
 if ($cgi->param('debug')) {
     require Data::Dumper;
     print "<pre>data hash:\n";
-    print Data::Dumper::Dumper(%data) . "\n\n";
+    print html_quote(Data::Dumper::Dumper(%data)) . "\n\n";
     print "data array:\n";
-    print Data::Dumper::Dumper(@image_data) . "\n\n</pre>";
+    print html_quote(Data::Dumper::Dumper(@image_data)) . "\n\n</pre>";
 }
 
 # All formats point to the same section of the documentation.