dkwakkel

Dangerous file inclusion

By dkwakkel, in FusionCharts and PHP

Recommended Posts

dkwakkel   

dkwakkel
Posted

During security scan the following issue was found:

 

The file index.php passes an unvalidated filename to a dynamic include statement on

line 163. Allowing unvalidated user input to control files that are included
dynamically in PHP can lead to malicious code execution.
 
index.php:151 Read $_POST()
$exportRequestStream = $_POST;
Sink: index.php:163 builtin_include()
if (!@include( $exporterResource )) {
 
Given this line in getExporter:
    $path = RESOURCE_PATH . EXPORT_HANDLER . strtoupper($streamtype) . "2{$exporterSuffix}.php";
 
I could imagine that if streamtype contains e.g. '\..\..\..\somefile.txt ' illegal content can be included.
 
Can this be fixed by e.g. sanitizing streamtype and exporterSuffix? 
 

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing FusionCharts and PHP