Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

SNYK: Sanitize and bind generateImage queries 22.04 #11561

Merged
merged 1 commit into from
Aug 11, 2022
Merged

SNYK: Sanitize and bind generateImage queries 22.04 #11561

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 29 additions & 9 deletions www/include/views/graphs/generateGraphs/generateImage.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,8 @@
} else {
die('Invalid token');
}
} else {
throw new \Exception('Username and token query strings must be set.');
}

$index = filter_var(
Expand Down Expand Up @@ -182,19 +184,37 @@
$dbstorage = new CentreonDB('centstorage');

$aclGroups = $acl->getAccessGroupsString();
$sql = "SELECT host_id, service_id FROM index_data WHERE id = " .$pearDB->escape($index);
$res = $dbstorage->query($sql);
if (!$res->rowCount()) {
$sql = "SELECT host_id, service_id FROM index_data WHERE id = :index_data_id";
$statement = $dbstorage->prepare($sql);
$statement->bindValue(':index_data_id', (int) $index, \PDO::PARAM_INT);
$statement->execute();
if (!$statement->rowCount()) {
die('Graph not found');
}
$row = $res->fetch();
unset($res);
$row = $statement->fetch(\PDO::FETCH_ASSOC);
unset($statement);
$hostId = $row['host_id'];
$serviceId = $row['service_id'];
$sql = "SELECT service_id FROM centreon_acl WHERE host_id = $hostId AND service_id = $serviceId
AND group_id IN ($aclGroups)";
$res = $pearDBO->query($sql);
if (!$res->rowCount()) {
$aclGroupsExploded = explode(',', $aclGroups);
if (empty($aclGroupsExploded)) {
throw new \Exception('Access denied');
}

$aclGroupsQueryBinds = [];
foreach ($aclGroupsExploded as $key => $value) {
$aclGroupsQueryBinds[':acl_group_' . $key] = $value;
}
$aclGroupBinds = implode(',', array_keys($aclGroupsQueryBinds));
$sql = "SELECT service_id FROM centreon_acl WHERE host_id = :host_id AND service_id = :service_id
AND group_id IN ($aclGroupBinds)";
$statement = $pearDBO->prepare($sql);
$statement->bindValue(':host_id', (int) $hostId, \PDO::PARAM_INT);
$statement->bindValue(':service_id', (int) $serviceId, \PDO::PARAM_INT);
foreach ($aclGroupsQueryBinds as $key => $value) {
$statement->bindValue($key, (int) $value, \PDO::PARAM_INT);
}
$statement->execute();
if (!$statement->rowCount()) {
die('Access denied');
}
}
Expand Down