
Commit f294b45

committed
FREEPBX-8070 Turn all serialized into json
1 parent fda29c5 commit f294b45


2 files changed

+13
-7
lines changed

2 files changed

+13
-7
lines changed

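--- a/htdocs_ari/includes/login.php
+++ b/htdocs_ari/includes/login.php
@@ -53,11 +53,16 @@ function Auth() {
 $data = '';
 $chksum = '';
 if (isset($_COOKIE['ari_auth'])) {
-$buf = unserialize(stripslashes($_COOKIE['ari_auth']));
-list($data,$chksum) = $buf;
+$buf = json_decode($_COOKIE['ari_auth'],true);
+if(!is_array($buf)) {
+$data = false;
+$chksum = false;
+} else {
+list($data,$chksum) = $buf;
+}
 }
 if (md5($data) == $chksum) {
-$data = unserialize($crypt->decrypt($data,$ARI_CRYPT_PASSWORD));
+$data = json_decode($crypt->decrypt($data,$ARI_CRYPT_PASSWORD),true);
 $username = $data['username'];
 $password = $data['password'];
 }
@@ -290,11 +295,11 @@ function Auth() {
 if ($auth && $remember) {
 
 $data = array('username' => $username, 'password' => $password);
-$data = $crypt->encrypt(serialize($data),$ARI_CRYPT_PASSWORD);
+$data = $crypt->encrypt(json_encode($data),$ARI_CRYPT_PASSWORD);
 
 $chksum = md5($data);
 
-$buf = serialize(array($data,$chksum));
+$buf = json_encode(array($data,$chksum));
 setcookie('ari_auth',$buf,time()+365*24*60*60,'/');
 }
 
@@ -484,4 +489,4 @@ function GetForm() {
 }
 
 
-?>
+?>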
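Review bot: The checksum test `if (md5($data) == $chksum)` in the first hunk is still a loose comparison, and after this change both operands come from `json_decode()`, so `$chksum` may arrive as a boolean, number or null rather than a string and PHP's type juggling can then let the test pass without a matching digest. Require strings and compare strictly, e.g. `if (is_string($data) && is_string($chksum) && md5($data) === $chksum) {`, and check that the inner `json_decode()` returned an array before reading `$data['username']`. Separately, an unkeyed MD5 over the ciphertext can be recomputed by whoever holds the cookie, so it gives no integrity protection; a keyed MAC (`hash_hmac()` verified with `hash_equals()`, where the supported PHP version provides it) would be the stronger design. Auth() starts and ends outside these hunks, so any later validation of `$username`/`$password` is not visible here.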

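--- a/module.xml
+++ b/module.xml
@@ -3,11 +3,12 @@
 <modtype>framework</modtype>
 <repo>standard</repo>
 <name>FreePBX ARI Framework</name>
-<version>2.11.1.4</version>
+<version>2.11.1.5</version>
 <publisher>Schmooze Com Inc</publisher>
 <license>GPLv3+</license>
 <licenselink>http://www.gnu.org/licenses/gpl-3.0.txt</licenselink>
 <changelog>
+*2.11.1.5* FREEPBX-8070 SECURITY ISSUE Exec shell on a host using bug in Asterisk Recording Interface index.php
 *2.11.1.4* Force removal of User Panel Tab
 *2.11.1.3* Delete user panel tab because it comes from this module now
 *2.11.1.2* Resolve issue of user panel tab removement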
