Commit e16394ed authored by Jaime Pérez Crespo

Sanitize input in the aggregator module. See issue #593 for more info.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3304 44740490-163a-0410-bde0-09ae8108e29a
parent 66cb3d6a
...@@ -40,6 +40,16 @@ if (isset($_REQUEST['prefix'])) $prefix = $_REQUEST['prefix']; ...@@ -40,6 +40,16 @@ if (isset($_REQUEST['prefix'])) $prefix = $_REQUEST['prefix'];
$suffix = ''; $suffix = '';
if (isset($_REQUEST['suffix'])) $suffix = $_REQUEST['suffix']; if (isset($_REQUEST['suffix'])) $suffix = $_REQUEST['suffix'];
/* Make sure that the request isn't suspicious (contains references to current
* directory or parent directory or anything like that. Searching for './' in the
* URL will detect both '../' and './'. Searching for '\' will detect attempts to
* use Windows-style paths.
*/
if (strpos($attributemap, '\\') !== FALSE) {
throw new SimpleSAML_Error_BadRequest('Requested URL contained a backslash.');
} elseif (strpos($attributemap, './') !== FALSE) {
throw new SimpleSAML_Error_BadRequest('Requested URL contained \'./\'.');
}
$arp = new sspmod_aggregator_ARP($md, $attributemap, $prefix, $suffix); $arp = new sspmod_aggregator_ARP($md, $attributemap, $prefix, $suffix);
......
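Review bot: The added `strpos($attributemap, ...)` checks validate only `$attributemap`, while `$prefix` and `$suffix` are read straight from `$_REQUEST` in the context lines above and passed unchecked to `new sspmod_aggregator_ARP(...)` in the context line below. If either of them ends up in a file path or in generated output, it needs its own validation at this point. The test is also a deny-list of two substrings (`'\\'` and `'./'`); an allow-list would be tighter, for example accepting `$attributemap` only when it matches a pattern such as `/^[a-zA-Z0-9_-]+$/` or appears on a fixed list of expected names. Smaller points: the block comment opens a parenthesis it never closes, and both the comment and the exception messages refer to the "Requested URL" although the value being tested is `$attributemap`, so the error text should name that parameter instead.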