Fix RCE vulnerability and add input validation #2440

Closed
wants to merge 2 commits into from

Commits on Oct 17, 2024

  1. Fix RCE vulnerability and add input validation

    Add input validation and sanitization to various PHP files to address security vulnerabilities.
    
    * **Validation and Sanitization Functions**
      - Add `validateInput` and `sanitizeInput` functions to multiple files for input validation and sanitization.
      - Create a new utility file `htdocs/utils/validation.php` with `validateFilePath` and `sanitizeInput` functions.
      - Include the utility file in necessary PHP files.
    
    * **Remote Code Execution (RCE) Vulnerability Fix**
      - Modify `htdocs/api/playlist/appendFileToPlaylist.php` to validate and sanitize the `$_GET['file']` parameter.
      - Update the `exec` function to process only validated and sanitized input.
    
    * **Input Validation and Sanitization in Other Files**
      - Add input validation and sanitization to `htdocs/inc.processCheckCardEditRegister.php`, `htdocs/trackEdit.php`, `htdocs/ajax.getAudioSink.php`, `htdocs/ajax.getBluetoothStatus.php`, `htdocs/ajax.loadInfo.php`, `htdocs/ajax.loadMopidyStatus.php`, `htdocs/ajax.loadMPDStatus.php`, `htdocs/ajax.loadOverallTime.php`, `htdocs/ajax.refresh_id.php`, `htdocs/cardEdit.php`, `htdocs/func.php`, `htdocs/inc.bluetooth.php`, `htdocs/inc.controlPlayer.php`, `htdocs/inc.debug.php`, `htdocs/inc.langLoad.php`, `htdocs/inc.loadControls.php`, and `htdocs/inc.navigation.php`.
    
    * **Unit Tests**
      - Add unit tests for `validateFilePath` and `sanitizeInput` functions in `tests/htdocs/api/PlayListTest.php`.
    
    ---
    
    For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/MiczFlor/RPi-Jukebox-RFID?shareId=XXXX-XXXX-XXXX-XXXX).
    s-martin committed Oct 17, 2024
    3a9dbbe
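The first commit message describes the classic shape of this bug: a request parameter (`$_GET['file']`) reaches `exec()`, so a value containing shell metacharacters runs arbitrary commands as the web server user. The block below is an added illustration written for this page, not code from the RPi-Jukebox-RFID repository or from this PR. The "before" function is a generic sketch of the vulnerable pattern, not the actual line from `appendFileToPlaylist.php`, and the function names (`validatePlaylistFile`, `buildAppendCommand`), the `mpc add` command and the temporary audio root are assumptions. It shows the two controls a reviewer would look for in a `validateFilePath`-style helper: a `realpath()` containment check against an allowed directory, and `escapeshellarg()` on the single argument that still goes to the shell.

```php
<?php
// Added example for this page; not the project's code. Names and paths are assumed.
declare(strict_types=1);

/**
 * VULNERABLE "before" (illustrative only): the raw query parameter is spliced
 * into a shell command string. An input such as
 *     a.mp3"; id > /tmp/pwned; echo "
 * closes the quotes and runs extra commands when this string is passed to exec().
 */
function buildAppendCommandVulnerable(string $file): string
{
    return "mpc add \"$file\"";
}

/**
 * Hardened path check. Returns the resolved absolute path of $userInput if it
 * names a regular file strictly inside $root, otherwise null.
 */
function validatePlaylistFile(string $userInput, string $root): ?string
{
    // NUL bytes truncate C strings inside PHP's filesystem calls; reject early.
    if (strpos($userInput, "\0") !== false) {
        return null;
    }
    // realpath() collapses '..' and symlinks and returns false for missing files.
    $rootReal  = realpath($root);
    $candidate = realpath($root . '/' . $userInput);
    if ($rootReal === false || $candidate === false) {
        return null;
    }
    // Containment: the resolved path must begin with "<root>/" (prefix match
    // without the slash would accept a sibling directory like "<root>2").
    $prefix = $rootReal . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return is_file($candidate) ? $candidate : null;
}

/**
 * Hardened "after": validate first, then quote the single argument. The caller
 * is expected to answer HTTP 400 and log the request when null is returned.
 */
function buildAppendCommand(string $userInput, string $root): ?string
{
    $path = validatePlaylistFile($userInput, $root);
    if ($path === null) {
        return null;
    }
    // Quote even after validation: legitimate file names may contain spaces or quotes.
    return 'mpc add ' . escapeshellarg($path);
}

// Demo with a constructed, temporary audio root so the accept path can be
// exercised offline; the directory is removed afterwards.
$root = sys_get_temp_dir() . '/jukebox_demo_' . getmypid();
mkdir($root . '/album', 0700, true);
touch($root . '/album/song.mp3');

$inputs = [
    'album/song.mp3',                        // legitimate file: accepted and quoted
    '../../etc/passwd',                      // traversal out of the root: rejected
    'album/song.mp3"; id > /tmp/pwned; echo "', // shell injection attempt: rejected
];
foreach ($inputs as $in) {
    echo $in, ' => ', buildAppendCommand($in, $root) ?? 'rejected', PHP_EOL;
}

unlink($root . '/album/song.mp3');
rmdir($root . '/album');
rmdir($root);
```

Two points worth keeping in mind when reviewing a fix of this kind: a "sanitize" step that strips characters is weaker than a whitelist plus `realpath()` containment, because the attacker only needs one character the filter forgot; and if the command can be issued without a shell at all (for example through `proc_open()` with an argument array on PHP 7.4+), the `exec()` call and its quoting problem disappear entirely.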
  2. Update trackEdit.php to remove redundant sanitization

    * Remove redundant `sanitizeInput` function calls for `$_GET` and `$_POST` parameters
    * Ensure `$_GET` and `$_POST` parameters are directly assigned to `$post` array
    s-martin committed Oct 17, 2024
    52cbd31