From b51b3e44b0ee312e17ea4e36679061083dd14f1b Mon Sep 17 00:00:00 2001
From: David Anderson
Date: Wed, 18 Dec 2024 15:54:25 -0800
Subject: [PATCH] web: remove vulnerabilities in tree_threader and in unused badge function
---
 html/inc/util_ops.inc | 3 +++
 html/user/tree_threader.php | 4 +++-
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/html/inc/util_ops.inc b/html/inc/util_ops.inc
index 7ac4e17a6ee..ff10678c527 100644
--- a/html/inc/util_ops.inc
+++ b/html/inc/util_ops.inc
@@ -331,6 +331,9 @@ function app_version_desc($avid) {
 ////// badge-related stuff
 function get_badge($name, $title, $image_url) {
+ $name = BoincDb::escape_string($name);
+ $title = BoincDb::escape_string($title);
+ $image_url = BoincDb::escape_string($image_url);
 $b = BoincBadge::lookup("name='$name'");
 if ($b) return $b;
 $now = time();
diff --git a/html/user/tree_threader.php b/html/user/tree_threader.php
index c9b827f5e7c..b03c623261d 100644
--- a/html/user/tree_threader.php
+++ b/html/user/tree_threader.php
@@ -1,5 +1,7 @@ auth;
+$auth = BoincDb::escape_string((string)$r->auth);
 $user = BoincUser::lookup("authenticator='$auth'");
 if (!$user) error("invalid authenticator");
 $user_submit = BoincUserSubmit::lookup_userid($user->id);
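Review bot: The added escape_string calls overwrite $name, $title and $image_url for the whole of get_badge, whose body runs past the end of the hunk, so any later use of those values outside a single-quoted SQL literal (for example echoing $title or $image_url into a page) would carry the escaping backslashes. The escaping is also only a complete fix if BoincDb::escape_string does driver-level escaping on the live connection, which I infer from the name but cannot see here. I would keep the parameters intact and escape at the point of use, `$b = BoincBadge::lookup("name='" . BoincDb::escape_string($name) . "'");`, or at least state the contract above the function: `// $name/$title/$image_url are SQL-escaped in place below; use them only inside single-quoted SQL literals.`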
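Review bot: The `(string)` cast turns a missing or empty `auth` element into an empty string and the lookup still runs with `authenticator=''`, so the only rejection is the lookup returning no user; an explicit guard before the query, `if ($auth === '') error("invalid authenticator");`, makes the intent clear and saves a DB round-trip. Where $r comes from and what `$r->auth` yields when the element is absent lies outside the hunk (the page has also lost the opening lines of this hunk, which starts at file line 1), so that is something to confirm rather than assume. The escaped authenticator is still interpolated into the query string, so a short comment such as `// $auth is SQL-escaped; it must stay inside the single quotes below` would document why escaping alone is sufficient here.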