From c842e00399cb298667fe177dbab825e17b4b21a0 Mon Sep 17 00:00:00 2001
From: nachoparker <nacho@ownyourbits.com>
Date: Fri, 4 Jan 2019 15:22:56 -0700
Subject: sanitize params

---
 ncp-web/ncp-launcher.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'ncp-web')

diff --git a/ncp-web/ncp-launcher.php b/ncp-web/ncp-launcher.php
index 8590b066..6f103f6b 100644
--- a/ncp-web/ncp-launcher.php
+++ b/ncp-web/ncp-launcher.php
@@ -58,7 +58,15 @@ if ( $_POST['action'] == "launch" && $_POST['config'] )
       or exit('{ "output": "Invalid request" }');
 
     foreach ($cfg['params'] as $index => $param)
-      $cfg['params'][$index]['value'] = $new_params[$cfg['params'][$index]['id']];
+    {
+      // sanitize
+      $val = trim(escapeshellarg($new_params[$cfg['params'][$index]['id']]),"'");
+      preg_match( '/ /' , $val , $matches )
+        and exit( '{ "output": "Invalid parameters" , "token": "' . getCSRFToken() . '" }' );
+
+      // save
+      $cfg['params'][$index]['value'] = $val;
+    }
 
     $cfg_str = json_encode($cfg)
       or exit('{ "output": "' . $ncp_app . ' internal error" }');
-- 
cgit v1.2.3