File tree 1 file changed +15
-8
lines changed
1 file changed +15
-8
lines changed Original file line number Diff line number Diff line change @@ -3100,15 +3100,22 @@ function sanitize_cdef($cdef) {
31003100 */
31013101function sanitize_unserialize_selected_items ($ items ) {
31023102 if ($ items != '' ) {
3103- $ items = unserialize (stripslashes ($ items ));
3104-
3105- if (is_array ($ items )) {
3106- foreach ($ items as $ item ) {
3107- if (is_array ($ item )) {
3108- return false ;
3109- } elseif (!is_numeric ($ item ) && ($ item != '' )) {
3110- return false ;
3103+ $ unstripped = stripslashes ($ items );
3104+
3105+ // validate that sanitized string is correctly formatted
3106+ if (preg_match ('/^a:[0-9]+:{/ ' , $ unstripped ) && !preg_match ('/(^|;|{|})O:\+?[0-9]+:"/ ' , $ unstripped )) {
3107+ $ items = unserialize ($ unstripped );
3108+
3109+ if (is_array ($ items )) {
3110+ foreach ($ items as $ item ) {
3111+ if (is_array ($ item )) {
3112+ return false ;
3113+ } elseif (!is_numeric ($ item ) && ($ item != '' )) {
3114+ return false ;
3115+ }
31113116 }
3117+ } else {
3118+ return false ;
31123119 }
31133120 } else {
31143121 return false ;
You can’t perform that action at this time.
0 commit comments