[pLog-svn] r4732 - plog/branches/lifetype-1.1.6/class/action

Oscar Renalias oscar at renalias.net
Wed Feb 14 05:04:53 EST 2007


I think that's their problem, not ours. There have been some other  
security issues fixed in the 1.1.x branch and we never backported  
them. This time I decided to backport this because 1.2 is still 2-3  
weeks away, otherwise I wouldn't have bothered...

On 14 Feb 2007, at 11:11, Mark Wu wrote:

> Maybe we also need to consider backporting to 1.0.x.
>
> There are still a lot of people using 1.0.x who have not upgraded to 1.1.x.
>
> Mark
>
>> -----Original Message-----
>> From: plog-svn-bounces at devel.lifetype.net
>> [mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of
>> oscar at devel.lifetype.net
>> Sent: Wednesday, February 14, 2007 7:50 AM
>> To: plog-svn at devel.lifetype.net
>> Subject: [pLog-svn] r4732 - plog/branches/lifetype-1.1.6/class/action
>>
>> Author: oscar
>> Date: 2007-02-13 18:50:04 -0500 (Tue, 13 Feb 2007)
>> New Revision: 4732
>>
>> Modified:
>>    plog/branches/lifetype-1.1.6/class/action/rssaction.class.php
>> Log:
>> Fix for the issue reported by Matt, now backported to
>> Lifetype 1.1.6 (which should be released tomorrow). Those of
>> you running 1.1.x, please apply this fix asap - it should be
>> as easy as overwriting your version of
>> class/action/rssaction.class.php with this one:
>>
>> http://devel.lifetype.net/svn/plog/plog/branches/lifetype-1.1.6/class/action/rssaction.class.php
>>
>> Modified:
>> plog/branches/lifetype-1.1.6/class/action/rssaction.class.php
>> ===================================================================
>> ---
>> plog/branches/lifetype-1.1.6/class/action/rssaction.class.php	
>> 2007-02-13 23:48:18 UTC (rev 4731)
>> +++
>> plog/branches/lifetype-1.1.6/class/action/rssaction.class.php	
>> 2007-02-13 23:50:04 UTC (rev 4732)
>> @@ -23,7 +23,12 @@
>>          	$this->BlogAction( $blogInfo, $request );
>>
>>  			$this->registerFieldValidator(
>> "categoryId", new IntegerValidator(), true );
>> -			$this->registerFieldValidator(
>> "profile", new StringValidator(), true );
>> +			
>> +			// create a StringValidator and add an
>> extra rule to make sure that the input string contains only
>> +			// alphanumeric characters
>> +			$profileValidator = new StringValidator();
>> +			$profileValidator->addRule( new
>> RegexpRule( "^([a-zA-Z0-9]*)$" ));
>> +			$this->registerFieldValidator(
>> "profile", $profileValidator, true );
>>
>>  			// generate a dummy view with nothing
>> in it to signal an error
>>  			$view = new RssView( $this->_blogInfo,
>> RSS_VIEW_DEFAULT_PROFILE ); @@ -62,6 +67,11 @@
>>              // use the default profile as configured
>>              $profile = $this->_request->getValue( "profile" );
>>  			if( $profile == "" ) $profile = $defaultProfile;
>> +			
>> +			// sanitize the profile variable
>> +			$profile = str_replace( ".", "", $profile );
>> +			$profile = str_replace( "/", "", $profile );
>> +			$profile = str_replace( "%", "",
>> $profile );			
>>
>>              // fetch the category, or set it to '0'
>> otherwise, which will mean
>>              // fetch all the most recent posts from any category
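Review bot: the three str_replace calls are a denylist applied after the whitelist validator registered earlier in this change, so they add little and still leave gaps the validator already covers: `\` is not stripped, and removing `%` here only matters if the value is still URL-encoded when it reaches $this->_request->getValue( "profile" ). Silently rewriting the value also means an input like "../rss" is served as "rss" instead of being rejected. Suggest either dropping these lines in favour of the validator, or replacing them with a check that falls back to $defaultProfile when the value fails the same ^[a-zA-Z0-9]*$ test, and adding a comment naming why exactly these three characters are removed. Minor: the added `+` lines carry trailing tabs after the empty line and after `$profile );`.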
>>
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://limedaley.com/mailman/listinfo/plog-svn
>>
>


