[security] Global variables scope injection vulnerability (see PMASA-…

…2013-7)
phpmyadmin · Jun 28, 2013 · 0124642 · 0124642
1 parent 64c2b9a
commit 0124642
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 0 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,6 +1,9 @@
 phpMyAdmin - ChangeLog
 ======================
 
+4.0.4.1 ()
+- [security] Global variables scope injection vulnerability (see PMASA-2013-7)
+
 4.0.4.0 (2013-06-17)
 - bug #3959 Using DefaultTabDatabase in NavigationTree for Database Click
 - bug #3961 Avoid Suhosin warning when in simulation mode

diff --git a/import.php b/import.php
@@ -122,6 +122,24 @@
  * We only need to load the selected plugin
  */
 
+if (! in_array(
+    $format, 
+    array(
+        'csv',
+        'ldi',
+        'mediawiki',
+        'ods',
+        'shp',
+        'sql',
+        'xml'
+    )
+)
+) {
+    // this should not happen for a normal user
+    // but only during an attack
+    PMA_fatalError('Incorrect format parameter');
+}
+
 $post_patterns = array(
     '/^force_file_/',
     '/^'. $format . '_/'