From 814004e0edefc141b8cc28db0d54cf2a6fad4486 Mon Sep 17 00:00:00 2001
From: Don Armstrong
Date: Mon, 23 Feb 2015 21:00:57 -0800
Subject: [PATCH] we know that the statement is ok; use $1 to avoid taint issues
---
 Debbugs/CGI/Pkgreport.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Debbugs/CGI/Pkgreport.pm b/Debbugs/CGI/Pkgreport.pm
index d149979..523dbbb 100644
--- a/Debbugs/CGI/Pkgreport.pm
+++ b/Debbugs/CGI/Pkgreport.pm
@@ -486,7 +486,7 @@ sub parse_order_statement_into_boolean {
 }exg;
 # check that the parsed statement is just valid boolean statements
 if ($statement =~ /^([01\(\)\&\|]+)$/) {
- return eval "$statement";
+ return eval "$1";
 } else {
 # this is an invalid boolean statement
 return 0;
-- 
2.39.2
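Review bot: The character whitelist on the `if` line proves only that the string consists of `0`, `1`, parentheses, `&` and `|`, not that it parses, so `eval "$1"` can still fail to compile (unbalanced parentheses, a trailing operator); the sub then returns undef, or an empty list in list context, instead of the `0` the else branch gives, and `$@` is never examined. I would change the new line to `my $result = eval "$1";` followed by `return defined $result ? $result : 0;`. Because capturing into `$1` is what clears the taint flag, this regex is now the only check between `$statement` (presumably derived from request parameters; its origin is outside the hunk) and a string eval, so it deserves a comment such as `# $1 is untainted by this match; the character class is the sole guard before eval`, and a `\z` anchor in place of `$`, which also matches before a trailing newline. The body of parse_order_statement_into_boolean starts and ends outside the hunk.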