From 3687c9c30bd54c8ea35ed601bc113e172ffbbb25 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Wed, 1 Oct 2014 17:05:39 +0200
Subject: [PATCH] Validate build IDs

---
 src/lib/Hydra/Controller/Build.pm | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/lib/Hydra/Controller/Build.pm b/src/lib/Hydra/Controller/Build.pm
index e94f9d9c..411065d3 100644
--- a/src/lib/Hydra/Controller/Build.pm
+++ b/src/lib/Hydra/Controller/Build.pm
@@ -1,5 +1,6 @@
 package Hydra::Controller::Build;
 
+use utf8;
 use strict;
 use warnings;
 use base 'Hydra::Base::Controller::NixChannel';
@@ -18,6 +19,8 @@ use Encode;
 sub buildChain :Chained('/') :PathPart('build') :CaptureArgs(1) {
     my ($self, $c, $id) = @_;
 
+    $id =~ /^[0-9]+$/ or error($c, "Invalid build ID ‘$id’.");
+
     $c->stash->{id} = $id;
 
     $c->stash->{build} = getBuild($c, $id);