From aa42df748b4b46f4eea76f1d7fc51adac7538365 Mon Sep 17 00:00:00 2001
From: Spuds
Date: Wed, 9 Jul 2014 09:49:17 -0400
Subject: [PATCH] ! Probably the least of the worries in terms of an exploit via this tunnel, but safe is safe.
Signed-off-by: Spuds
---
 sources/admin/PackageServers.controller.php | 4 ++--
 sources/subs/Package.subs.php | 5 +++--
 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/sources/admin/PackageServers.controller.php b/sources/admin/PackageServers.controller.php
index 59cbf37f64..6e727eb127 100644
--- a/sources/admin/PackageServers.controller.php
+++ b/sources/admin/PackageServers.controller.php
@@ -206,7 +206,7 @@ public function action_browse()
 // Use the package list's name if it exists.
 if ($listing->exists('list-title'))
- $name = $listing->fetch('list-title');
+ $name = Util::htmlspecialchars($listing->fetch('list-title'));
 // Pick the correct template.
 $context['sub_template'] = 'package_list';
@@ -379,7 +379,7 @@ public function action_browse()
 $package['author']['website']['name'] = $default_website;
 if ($thisPackage->exists('website') && $thisPackage->fetch('website') != '')
- $authorhomepage = $thisPackage->fetch('website');
+ $authorhomepage = Util::htmlspecialchars($thisPackage->fetch('website'));
 else
 $authorhomepage = $default_website;
diff --git a/sources/subs/Package.subs.php b/sources/subs/Package.subs.php
index f494ebb335..2b56ce007f 100644
--- a/sources/subs/Package.subs.php
+++ b/sources/subs/Package.subs.php
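Review bot: `$name` is now HTML-escaped at the point it is read from the listing, so any later use of it in a non-HTML context (a query-string value, a log line, a comparison against the raw title) will carry entities, and nothing in the hunk records that the variable is already encoded. The fallback assignment of `$name` for a listing without `list-title` sits before the hunk and is not visible, so whether both branches end up with the same encoding cannot be confirmed here; it is worth checking that the default is escaped the same way or that the template escapes once for both. A one-line comment on the added line would make the contract explicit: `// $name is HTML-escaped here; the template must not escape it again`. action_browse begins and ends outside this hunk.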
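Review bot: Escaping the `website` value keeps it from breaking out of the attribute it is presumably rendered into, but `Util::htmlspecialchars` does not constrain what the value is, so a `website` entry that is not an http(s) URL still ends up as `$authorhomepage` unchanged apart from entity encoding. Since the surrounding code already has `$default_website` as the fallback, the safer shape is to accept only an absolute http(s) URL and fall back to the default otherwise, then escape the accepted value; the rewrite below does that and keeps the assignment to `$authorhomepage` identical for callers. The loose `!= ''` comparison on the context line is pre-existing and not part of this change. action_browse begins and ends outside this hunk.
```php
if ($thisPackage->exists('website') && $thisPackage->fetch('website') != '')
{
	$website = $thisPackage->fetch('website');

	// Escaping only protects the attribute; also require an absolute http(s) URL before using it as a link target
	if (filter_var($website, FILTER_VALIDATE_URL) !== false && preg_match('~^https?://~i', $website) === 1)
		$authorhomepage = Util::htmlspecialchars($website);
	else
		$authorhomepage = $default_website;
}
else
	$authorhomepage = $default_website;
```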
@@ -532,11 +532,12 @@ function getPackageInfo($gzfilename)
 $packageInfo = $packageInfo->path('package-info[0]');
- $package = $packageInfo->to_array();
+ // Convert packageInfo to an array for use
+ $package = htmlspecialchars__recursive($packageInfo->to_array());
 $package['xml'] = $packageInfo;
 $package['filename'] = $gzfilename;
- $package['name'] = Util::htmlspecialchars($package['name']);
+ // Set a default type if none was supplied in the package
 if (!isset($package['type']))
 $package['type'] = 'modification';
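Review bot: The array returned from getPackageInfo now mixes trust levels without saying so: every scalar from `to_array()` is passed through `htmlspecialchars__recursive`, but `$package['xml']` is assigned the raw parsed object on the next line and `$package['filename']` is the caller-supplied name with no escaping. A consumer reading through `$package['xml']` gets unescaped data while the same field under its array key is escaped, so the added comment should state the contract, e.g. `// All scalar values are HTML-escaped; 'xml' is the raw parsed object and 'filename' is not escaped`. Escaping the whole tree rather than only `name` also means values that are compared or parsed rather than displayed (presumably version or type strings) could differ from the raw XML if they contain `&`, `<`, `>` or quotes; that is probably harmless for plain identifiers but is worth confirming against the callers. getPackageInfo continues past the end of this hunk.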