authorPeter Wu2014-07-20 16:11:08 +0200
committerPeter Wu2014-07-20 23:23:24 +0200
commit3fd10f9e4adb28da89ced5eb3e71c7536f308918 (patch)
treefe21968ab76163246f389d319f2a3da2ade63f93 /graph.php
parentFix type confusion (diff)
downloadapt-panopticon_cgp-3fd10f9e4adb28da89ced5eb3e71c7536f308918.zip
apt-panopticon_cgp-3fd10f9e4adb28da89ced5eb3e71c7536f308918.tar.gz
apt-panopticon_cgp-3fd10f9e4adb28da89ced5eb3e71c7536f308918.tar.bz2
apt-panopticon_cgp-3fd10f9e4adb28da89ced5eb3e71c7536f308918.tar.xz
security: Add missing input validation for plugin
This is a security bug. The contents of the file are not immediately disclosed, but the flaw could disclose environment information to the attacker (when display_errors=1 and an ancient PHP version is used that does not check for '\0' in `file_exists()`).
Diffstat (limited to 'graph.php')
-rw-r--r--graph.php2
1 files changed, 1 insertions, 1 deletions
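--- a/graph.php
+++ b/graph.php
@@ -23,7 +23,7 @@ $typesdb = parse_typesdb_file($CONFIG['typesdb']);
 
 if ($plugin == 'aggregation') {
  $pi = explode("-", GET('pi'));
- $plugin = $_GET['p'] = $pi[0];
+ $plugin = $_GET['p'] = validate_get($pi[0], 'plugin');
 }
 
 # plugin json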
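Review bot: Only `$pi[0]` is validated on the new line 26; the remaining elements of `$pi` (the rest of the split `GET('pi')` value) receive no check here, so if they are used further down as an instance or type name they presumably stay unvalidated — the file continues outside the hunk, so that cannot be confirmed from this view. A short comment would make the reason for the second validation call obvious to the next reader: `# $pi[0] is derived from 'pi', not 'p', so it needs its own check as a plugin name`. Whether validate_get() aborts on bad input or returns a cleaned value is not visible in this hunk; if it returns rather than exits, the write into `$_GET['p']` should only happen once the value is known to be acceptable.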