22 lines
908 B
Plaintext
22 lines
908 B
Plaintext
$OpenBSD: patch-lib_functions_php,v 1.1 2011/10/25 19:07:56 jasper Exp $
|
|
|
|
From 76e6dad13ef77c5448b8dfed1a61e4acc7241165 Mon Sep 17 00:00:00 2001
|
|
From: Deon George <wurley@users.sf.net>
|
|
Date: Thu, 6 Oct 2011 09:03:20 +1100
|
|
Subject: [PATCH] SF Bug #3417184 - PHP Code Injection Vulnerability
|
|
|
|
--- lib/functions.php.orig Tue Oct 25 21:05:21 2011
|
|
+++ lib/functions.php Tue Oct 25 21:05:31 2011
|
|
@@ -1003,8 +1003,9 @@ function masort(&$data,$sortby,$rev=0) {
|
|
if (defined('DEBUG_ENABLED') && DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
|
|
debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
|
|
|
|
- # if the array to sort is null or empty
|
|
- if (! $data) return;
|
|
+ # if the array to sort is null or empty, or if we have some nasty chars
|
|
+ if (! preg_match('/^[a-zA-Z0-9_]+(\([a-zA-Z0-9_,]*\))?$/',$sortby) || ! $data)
|
|
+ return;
|
|
|
|
static $CACHE = array();
|
|
|