harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xss attack vector in bbcode.php - check for proc_open being disabled for security reasons in install

Browse Source
This commit is contained in:
friendica 2013-02-26 19:41:44 -08:00
parent ed2ff18cac
commit 70e766c2bf
2 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
include/bbcode.php
View File

@ -502,22 +502,22 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true) {
// Clean up the HTML by loading and saving the HTML with the DOM // Clean up the HTML by loading and saving the HTML with the DOM
// Only do it when it has to be done - for performance reasons // Only do it when it has to be done - for performance reasons
if (!$tryoembed) { // if (!$tryoembed) {//
$doc = new DOMDocument(); // $doc = new DOMDocument();
$doc->preserveWhiteSpace = false; // $doc->preserveWhiteSpace = false;
$Text = mb_convert_encoding($Text, 'HTML-ENTITIES', "UTF-8"); // $Text = mb_convert_encoding($Text, 'HTML-ENTITIES', "UTF-8");
$doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">'; // $doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">';
@$doc->loadHTML($doctype."<html><body>".$Text."</body></html>"); // @$doc->loadHTML($doctype."<html><body>".$Text."</body></html>");
$Text = $doc->saveHTML(); // $Text = $doc->saveHTML();
$Text = str_replace(array("<html><body>", "</body></html>", $doctype), array("", "", ""), $Text); // $Text = str_replace(array("<html><body>", "</body></html>", $doctype), array("", "", ""), $Text);
$Text = str_replace('<br></li>','</li>', $Text); // $Text = str_replace('<br></li>','</li>', $Text);
$Text = mb_convert_encoding($Text, "UTF-8", 'HTML-ENTITIES'); // $Text = mb_convert_encoding($Text, "UTF-8", 'HTML-ENTITIES');
} // }
call_hooks('bbcode',$Text); call_hooks('bbcode',$Text);

6
mod/setup.php
View File

@ -397,6 +397,12 @@ function check_funcs(&$checks) {
check_add($ck_funcs, t('Apache mod_rewrite module'), true, true, ""); check_add($ck_funcs, t('Apache mod_rewrite module'), true, true, "");
} }
} }
if((! function_exists('proc_open')) || strstr(ini_get('disable_functions'),'proc_open')) {
check_add($ck_funcs, t('proc_open'), false, true, t('Error: proc_open is required but is either not installed or has been disabled in php.ini'));
}
else {
check_add($ck_funcs, t('proc_open'), true, true, "");
}
if(! function_exists('curl_init')){ if(! function_exists('curl_init')){
$ck_funcs[0]['status']= false; $ck_funcs[0]['status']= false;