From 9dddcae9ca3dcf872893e36e2f478ebecafdc6e2 Mon Sep 17 00:00:00 2001
From: Bart Visscher <bartv@thisnet.nl>
Date: Sat, 9 Feb 2013 15:03:47 +0100
Subject: [PATCH] Remove invalid characters from app id to prevent loading of
 invalid resources

---
 core/ajax/translations.php         | 1 +
 lib/app.php                        | 9 +++++++++
 lib/base.php                       | 2 +-
 lib/l10n.php                       | 2 +-
 settings/ajax/disableapp.php       | 2 +-
 settings/ajax/enableapp.php        | 2 +-
 settings/ajax/navigationdetect.php | 1 +
 settings/ajax/updateapp.php        | 1 +
 8 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/core/ajax/translations.php b/core/ajax/translations.php
index e22cbad470..e52a2e9b1e 100644
--- a/core/ajax/translations.php
+++ b/core/ajax/translations.php
@@ -22,6 +22,7 @@
 */
 
 $app = $_POST["app"];
+$app = OC_App::cleanAppId($app);
 
 $l = OC_L10N::get( $app );
 
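Review bot: `$_POST["app"]` is read on the line above without an `isset` check, and the cleaned value is never tested for being empty, so a missing id or one that `cleanAppId` strips to nothing (e.g. `..`) still reaches `OC_L10N::get`. The same pattern appears at the call sites in settings/ajax/disableapp.php, enableapp.php, navigationdetect.php and updateapp.php. Suggest `$app = isset($_POST['app']) ? OC_App::cleanAppId($_POST['app']) : '';` followed by an early error response when `$app === ''`; what `OC_L10N::get` does with an empty app id is not visible here.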
diff --git a/lib/app.php b/lib/app.php
index 3a4e21e8cd..54f16d6bdc 100644
--- a/lib/app.php
+++ b/lib/app.php
@@ -38,6 +38,15 @@ class OC_App{
 	static private $checkedApps = array();
 	static private $altLogin = array();
 
+	/**
+	 * @brief clean the appid
+	 * @param $app Appid that needs to be cleaned
+	 * @return string
+	 */
+	public static function cleanAppId($app) {
+		return str_replace(array('\0', '/', '\\', '..'), '', $app);
+	}
+
 	/**
 	 * @brief loads all apps
 	 * @param array $types
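Review bot: `'\0'` in the needle list of the new `cleanAppId` is a single-quoted string, so it is the two characters backslash and zero rather than a NUL byte; an embedded NUL in the app id is therefore not stripped. Use the double-quoted form: `return str_replace(array("\0", '/', '\\', '..'), '', $app);`. If `$app` arrives as an array (`app[]=x` in the request), `str_replace` returns an array instead of a string, so non-string input should be rejected here or by the callers. An allowlist of the characters an app id may contain would be stricter than removing a few known sequences, if the project's app id rules permit that; the docblock should also state the type, `@param string $app`.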
diff --git a/lib/base.php b/lib/base.php
index 5bfdb0b7c0..b9e59c3431 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -468,7 +468,7 @@ class OC {
 		register_shutdown_function(array('OC_Helper', 'cleanTmp'));
 
 		//parse the given parameters
-		self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'));
+		self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app']) ? OC_App::cleanAppId(strip_tags($_GET['app'])) : OC_Config::getValue('defaultapp', 'files'));
 		if (substr_count(self::$REQUESTEDAPP, '?') != 0) {
 			$app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?'));
 			$param = substr($_GET['app'], strpos($_GET['app'], '?') + 1);
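Review bot: `$param` on the last context line is still sliced from the raw `$_GET['app']` rather than from the cleaned `self::$REQUESTEDAPP`, so the cleaning introduced on the changed line covers only the part of the value before `?`; whether that matters depends on how `$param` is consumed further down, outside this hunk. On the changed line the `!is_null($_GET['app'])` test is redundant after `isset`, and the one-line ternary would read better as an `if`/`else` with the cleaning on its own line. The enclosing method starts and ends outside the hunk.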
diff --git a/lib/l10n.php b/lib/l10n.php
index ee87900926..e272bcd79f 100644
--- a/lib/l10n.php
+++ b/lib/l10n.php
@@ -97,7 +97,7 @@ class OC_L10N{
 		if ($this->app === true) {
 			return;
 		}
-		$app = $this->app;
+		$app = OC_App::cleanAppId($this->app);
 		$lang = $this->lang;
 		$this->app = true;
 		// Find the right language
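Review bot: Cleaning `$this->app` only here leaves the raw value stored on the object from construction until this method runs, so any code that reads `$this->app` before that point (the constructor and `OC_L10N::get` are outside this hunk) still sees the uncleaned id. Cleaning once where `$this->app` is assigned would make the sanitised id the only one the object ever holds, and `$app = $this->app;` could stay as it was. The enclosing method starts and ends outside the hunk.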
diff --git a/settings/ajax/disableapp.php b/settings/ajax/disableapp.php
index e89de928ea..466a719157 100644
--- a/settings/ajax/disableapp.php
+++ b/settings/ajax/disableapp.php
@@ -2,6 +2,6 @@
 OC_JSON::checkAdminUser();
 OCP\JSON::callCheck();
 
-OC_App::disable($_POST['appid']);
+OC_App::disable(OC_App::cleanAppId($_POST['appid']));
 
 OC_JSON::success();
diff --git a/settings/ajax/enableapp.php b/settings/ajax/enableapp.php
index 18202dc39e..ab84aee516 100644
--- a/settings/ajax/enableapp.php
+++ b/settings/ajax/enableapp.php
@@ -3,7 +3,7 @@
 OC_JSON::checkAdminUser();
 OCP\JSON::callCheck();
 
-$appid = OC_App::enable($_POST['appid']);
+$appid = OC_App::enable(OC_App::cleanAppId($_POST['appid']));
 if($appid !== false) {
 	OC_JSON::success(array('data' => array('appid' => $appid)));
 } else {
diff --git a/settings/ajax/navigationdetect.php b/settings/ajax/navigationdetect.php
index 93acb50dc2..607c0e873f 100644
--- a/settings/ajax/navigationdetect.php
+++ b/settings/ajax/navigationdetect.php
@@ -4,6 +4,7 @@ OC_Util::checkAdminUser();
 OCP\JSON::callCheck();
 
 $app = $_GET['app'];
+$app = OC_App::cleanAppId($app);
 
 //load the one app and see what it adds to the navigation
 OC_App::loadApp($app);
diff --git a/settings/ajax/updateapp.php b/settings/ajax/updateapp.php
index 77c0bbc3e3..9367a3b5a3 100644
--- a/settings/ajax/updateapp.php
+++ b/settings/ajax/updateapp.php
@@ -4,6 +4,7 @@ OC_JSON::checkAdminUser();
 OCP\JSON::callCheck();
 
 $appid = $_POST['appid'];
+$appid = OC_App::cleanAppId($appid);
 
 $result = OC_Installer::updateApp($appid);
 if($result !== false) {
-- 
GitLab