Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix RCE vulnerability and add input validation #2440

Closed
wants to merge 2 commits into from

Conversation

s-martin
Copy link
Collaborator

@s-martin s-martin commented Oct 17, 2024

Add input validation and sanitization to various PHP files to address security vulnerabilities.

  • Validation and Sanitization Functions

    • Add validateInput and sanitizeInput functions to multiple files for input validation and sanitization.
    • Create a new utility file htdocs/utils/validation.php with validateFilePath and sanitizeInput functions.
    • Include the utility file in necessary PHP files.
  • Remote Code Execution (RCE) Vulnerability Fix

    • Modify htdocs/api/playlist/appendFileToPlaylist.php to validate and sanitize the $_GET['file'] parameter.
    • Update the exec function to process only validated and sanitized input.
  • Input Validation and Sanitization in Other Files

    • Add input validation and sanitization to htdocs/inc.processCheckCardEditRegister.php, htdocs/trackEdit.php, htdocs/ajax.getAudioSink.php, htdocs/ajax.getBluetoothStatus.php, htdocs/ajax.loadInfo.php, htdocs/ajax.loadMopidyStatus.php, htdocs/ajax.loadMPDStatus.php, htdocs/ajax.loadOverallTime.php, htdocs/ajax.refresh_id.php, htdocs/cardEdit.php, htdocs/func.php, htdocs/inc.bluetooth.php, htdocs/inc.controlPlayer.php, htdocs/inc.debug.php, htdocs/inc.langLoad.php, htdocs/inc.loadControls.php, and htdocs/inc.navigation.php.
  • Unit Tests

    • Add unit tests for validateFilePath and sanitizeInput functions in tests/htdocs/api/PlayListTest.php.

For more details, open the Copilot Workspace session.

Add input validation and sanitization to various PHP files to address security vulnerabilities.

* **Validation and Sanitization Functions**
  - Add `validateInput` and `sanitizeInput` functions to multiple files for input validation and sanitization.
  - Create a new utility file `htdocs/utils/validation.php` with `validateFilePath` and `sanitizeInput` functions.
  - Include the utility file in necessary PHP files.

* **Remote Code Execution (RCE) Vulnerability Fix**
  - Modify `htdocs/api/playlist/appendFileToPlaylist.php` to validate and sanitize the `$_GET['file']` parameter.
  - Update the `exec` function to process only validated and sanitized input.

* **Input Validation and Sanitization in Other Files**
  - Add input validation and sanitization to `htdocs/inc.processCheckCardEditRegister.php`, `htdocs/trackEdit.php`, `htdocs/ajax.getAudioSink.php`, `htdocs/ajax.getBluetoothStatus.php`, `htdocs/ajax.loadInfo.php`, `htdocs/ajax.loadMopidyStatus.php`, `htdocs/ajax.loadMPDStatus.php`, `htdocs/ajax.loadOverallTime.php`, `htdocs/ajax.refresh_id.php`, `htdocs/cardEdit.php`, `htdocs/func.php`, `htdocs/inc.bluetooth.php`, `htdocs/inc.controlPlayer.php`, `htdocs/inc.debug.php`, `htdocs/inc.langLoad.php`, `htdocs/inc.loadControls.php`, and `htdocs/inc.navigation.php`.

* **Unit Tests**
  - Add unit tests for `validateFilePath` and `sanitizeInput` functions in `tests/htdocs/api/PlayListTest.php`.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/MiczFlor/RPi-Jukebox-RFID?shareId=XXXX-XXXX-XXXX-XXXX).
@coveralls
Copy link

coveralls commented Oct 17, 2024

Pull Request Test Coverage Report for Build 11392185913

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 78.51%

Totals Coverage Status
Change from base Build 11354543422: 0.0%
Covered Lines: 453
Relevant Lines: 577

💛 - Coveralls

* Remove redundant `sanitizeInput` function calls for `$_GET` and `$_POST` parameters
* Ensure `$_GET` and `$_POST` parameters are directly assigned to `$post` array
@s-martin
Copy link
Collaborator Author

s-martin commented Nov 7, 2024

Closing Copilot test

@s-martin s-martin closed this Nov 7, 2024
@s-martin s-martin deleted the s-martin/fix-rce-vulnerability-2 branch November 7, 2024 21:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants