From 2db2327e2ec1ba38e1c226eb7c6dd75f3c4de31b Mon Sep 17 00:00:00 2001
From: Dimitar Kalinov
Date: Tue, 26 Feb 2019 15:04:50 +0200
Subject: [PATCH] fix(xss): fix SQL injection for GET parameter
- Fix $_GET['host_id'] => parse it as integer
- remove unnecessary ';' in code
---
 www/include/views/graphs/common/makeXML_ListServices.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/www/include/views/graphs/common/makeXML_ListServices.php b/www/include/views/graphs/common/makeXML_ListServices.php
index 15f75ee0a2f..3c8d1814139 100644
--- a/www/include/views/graphs/common/makeXML_ListServices.php
+++ b/www/include/views/graphs/common/makeXML_ListServices.php
@@ -57,7 +57,6 @@
 putenv("LANG=$locale");
 setlocale(LC_ALL, $locale);
 bindtextdomain("messages", _CENTREON_PATH_ . "www/locale/");
-;
 bind_textdomain_codeset("messages", "UTF-8");
 textdomain("messages");
@@ -71,7 +70,7 @@
 $mx_l = strlen($s_datas[""]);
 if (isset($_GET["host_id"]) && $_GET["host_id"] != 0) {
- $pq_sql = $pearDBO->query("SELECT id index_id, service_description FROM index_data WHERE host_id='".$_GET['host_id']."'ORDER BY service_description");
+ $pq_sql = $pearDBO->query("SELECT id index_id, service_description FROM index_data WHERE host_id=".(int)$_GET['host_id']." ORDER BY service_description");
 while ($fw_sql = $pq_sql->fetchRow()) {
 $fw_sql["service_description"] = str_replace($a_this, $a_that, $fw_sql["service_description"]);
 $s_datas[$fw_sql["index_id"]] = $fw_sql["service_description"]."   ";
@@ -85,4 +84,4 @@
 for ($i = strlen($s_datas[""]); $i != $mx_l; $i++) {
 $s_datas[""] .= " ";
 }
- $buffer->output();
+$buffer->output();
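Review bot: The `(int)` cast on the new `$pq_sql` line closes the injection, but the guard just above it (`$_GET["host_id"] != 0`) is an untouched loose comparison, so non-integer input is still not rejected: on PHP 8 `?host_id=abc` passes the guard and the query runs with `host_id=0`, and `?host_id[]=1` passes it and is cast to `1`. Validating once up front is cleaner than casting at the use site, e.g. `$hostId = filter_input(INPUT_GET, 'host_id', FILTER_VALIDATE_INT);` with the condition becoming `if ($hostId !== null && $hostId !== false && $hostId !== 0) {` and the query concatenating `$hostId`. If `$pearDBO` offers prepare/bind (the `fetchRow()` call suggests a PEAR-DB-style wrapper, so this is not verifiable from the hunk), a bound integer placeholder would be the idiomatic form rather than string concatenation. The body of this `if` block continues past the end of the hunk.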