* Fix Bug #433, secure variable on first time installation to prevent
      RCE, thanks to Shinkurt
garvinhicking committed Dec 19, 2016
1 parent 9c76299 commit bba6a84
Showing 2 changed files with 4 additions and 1 deletion.
3 changes: 3 additions & 0 deletions docs/NEWS
Expand Up @@ -4,6 +4,9 @@ Version 2.0.6 ()
* Fix Bug #428, regression when fetching remote files, wrong call
to HTTP_Request::getEffectiveUrl()

* Fix Bug #433, secure variable on first time installation to prevent
RCE, thanks to Shinkurt

Version 2.0.5 (November 28th, 2016)
------------------------------------------------------------------------

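Review bot: the added "Fix Bug #433" entry says only "secure variable" and never names it. The code change in this commit is to $serendipity['dbType'] in serendipity_checkInstallation(), so the entry should say that, for example "sanitize dbType before it is used in the installer's include path". Someone reading the changelog could then tell which input was affected and that only first-time installation is involved. The "Version 2.0.6 ()" heading in the hunk context also still has an empty release date.
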
2 changes: 1 addition & 1 deletion include/functions_installer.inc.php
Expand Up @@ -629,7 +629,7 @@ function serendipity_checkInstallation() {
$errs[] = INSTALL_DBPREFIX_INVALID;
}

$serendipity['dbType'] = $_POST['dbType'];
$serendipity['dbType'] = preg_replace('@[^a-z0-9-]@imsU', '', $_POST['dbType']);
// Probe database
// (do it after the dir stuff, as we need to be able to create the sqlite database)
include_once(S9Y_INCLUDE_PATH . "include/db/{$serendipity['dbType']}.inc.php");
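
Review bot: the new $serendipity['dbType'] assignment strips disallowed characters instead of rejecting the request, so a tampered value is silently rewritten into some other file name and still reaches the include_once at the end of the hunk. An empty or unknown result only makes include_once emit a warning, and the check carries on. Prefer comparing $_POST['dbType'] against the fixed list of supported database backends and adding an entry to $errs[] on a mismatch, the same way the INSTALL_DBPREFIX_INVALID case just above reports its error. Smaller points on '@[^a-z0-9-]@imsU': the i modifier means uppercase letters are kept as well, and m, s and U have no effect on a pattern that has no anchors, no dot and no quantifier, so they can be dropped.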