Diffstat (limited to 'main/roundcubemail/save_prefs_vulnerability_fix_0.6.patch')
-rw-r--r--main/roundcubemail/save_prefs_vulnerability_fix_0.6.patch24
1 files changed, 24 insertions, 0 deletions
diff --git a/main/roundcubemail/save_prefs_vulnerability_fix_0.6.patch b/main/roundcubemail/save_prefs_vulnerability_fix_0.6.patch
new file mode 100644
index 0000000000..ef8c14b9e2
--- /dev/null
+++ b/main/roundcubemail/save_prefs_vulnerability_fix_0.6.patch
@@ -0,0 +1,24 @@
+--- a/program/steps/utils/save_pref.inc 2013-03-27 17:16:36.000000000 +0100
++++ b/program/steps/utils/save_pref.inc 2013-03-27 17:17:33.000000000 +0100
+@@ -21,6 +21,21 @@
+
+ $name = get_input_value('_name', RCUBE_INPUT_POST);
+ $value = get_input_value('_value', RCUBE_INPUT_POST);
++$whitelist = array(
++ 'preview_pane',
++ 'list_cols',
++ 'collapsed_folders',
++);
++
++if (!in_array($name, $whitelist)) {
++ raise_error(array('code' => 500, 'type' => 'php',
++ 'file' => __FILE__, 'line' => __LINE__,
++ 'message' => sprintf("Hack attempt detected (user: %s)", $RCMAIL->get_user_name())),
++ true, false);
++
++ $OUTPUT->reset();
++ $OUTPUT->send();
++}
+
+ // save preference value
+ $RCMAIL->user->save_prefs(array($name => $value));
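Review bot: The allow-list check on the added `if (!in_array($name, $whitelist))` line uses loose comparison; since `$name` comes straight from POST, the strict form `if (!in_array($name, $whitelist, true)) {` is the idiomatic guard and removes any dependence on PHP's type-juggling rules for the comparison. The rejection branch also relies on `$OUTPUT->send()` terminating the request before `$RCMAIL->user->save_prefs(array($name => $value))` runs on the next line; if send() ever returns, the rejected preference would still be saved, so an explicit `exit;` (or `return;`) after `$OUTPUT->send();` would make the fail-closed behaviour independent of that helper. Note that only `$name` is validated here while `$value` is stored as supplied; whether per-preference value validation is needed depends on how these three preferences are consumed, which is outside this hunk. The enclosing save_pref.inc script continues past the end of the hunk.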