Fix object injection vulnerability
yurabakhtin committed Oct 3, 2016
1 parent b9545bc commit 999b5ad
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion htsrv/call_plugin.php
Expand Up @@ -36,7 +36,7 @@
}
else
{ // Params given:
if( ( substr( $params, 0, 2 ) == 'a:' ) && ( ! preg_match( '/(;|{|})O:\+?[0-9]+:"/', $params ) ) )
if( ( substr( $params, 0, 2 ) == 'a:' ) && ( ! preg_match( '/(s:\d+:"[^"]*"|i:\d+)(;|{|})O:\+?[0-9]+:"/', $params ) ) )
{ // Allow to unserialize only arrays + check there is no Object in the array (We NEVER want to unserialize an object)
// (This may result in "false", but this means that unserializing failed)
$params = @unserialize( $params );
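Review bot: The tightened pattern on the new line is still a deny-list over the serialized text, and it only recognises the `O:` object token when it directly follows a plain string or integer key, so other class-instantiating tokens (PHP's `C:` custom-serialization form) and keys the character class does not match fall outside it; a regex should not be the only control between user-supplied `$params` and `unserialize()`. On PHP 7+ the robust fix is to forbid class instantiation at the call itself, `$params = @unserialize( $params, array( 'allowed_classes' => false ) );`, keeping the regex as defence in depth, and on older PHP the result should at least be checked with `is_array()` before it is used. The `@` also discards the failure reason; logging a rejected or failed unserialize here would make probing of this endpoint visible in the logs. The `substr( $params, 0, 2 ) == 'a:'` comparison should use `===`. The enclosing `if`/`else` block continues past the hunk, so the handling of the `false` result is not visible here.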
