maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

validate sql_search and sql_orderby API parameters, set version to 0.10.34 for security release

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2022-04-01 09:27:45 +02:00
parent 3c16fab92c
commit 4546c00adb
5 changed files with 25 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
lib/Froxlor/Api/ApiCommand.php
View File

@@ -297,6 +297,10 @@ abstract class ApiCommand extends ApiParameter
$sortfield[$id] = $sfield;
}
$field = implode('.', $sortfield);
if (preg_match('/^([a-z0-9\-\._`]+)$/i', $field) == false) {
// skip
continue;
}
if (! $first) {
$condition .= ' AND ';
}
@@ -313,6 +317,14 @@ abstract class ApiCommand extends ApiParameter
} elseif (strtolower($valoper['op']) == 'in' && is_array($valoper['value']) && count($valoper['value']) > 0) {
$condition .= $field . ' ' . $valoper['op'] . ' (';
foreach ($valoper['value'] as $incnt => $invalue) {
if (!is_numeric($incnt)) {
// skip
continue;
}
if (!empty($invalue) && preg_match('/^([a-z0-9\-\._`]+)$/i', $invalue) == false) {
// skip
continue;
}
$condition .= ":" . $cleanfield . $incnt . ", ";
$query_fields[':' . $cleanfield . $incnt] = $invalue ?? '';
}
@@ -398,6 +410,10 @@ abstract class ApiCommand extends ApiParameter
$sortfield[$id] = $sfield;
}
$field = implode('.', $sortfield);
if (preg_match('/^([a-z0-9\-\._`]+)$/i', $field) == false) {
// skip
continue;
}
$by = strtoupper($by);
if (! in_array($by, [
'ASC',
@@ -423,6 +439,7 @@ abstract class ApiCommand extends ApiParameter
return $order;
}
/**
* return logger instance
*

2
lib/Froxlor/Froxlor.php
View File

@@ -7,7 +7,7 @@ final class Froxlor
{
// Main version variable
const VERSION = '0.10.33';
const VERSION = '0.10.34';
// Database version (YYYYMMDDC where C is a daily counter)
const DBVERSION = '202112310';