fix(security): defense-in-depth hardening for plugin_flowview

.github/dependabot.yml

@@ -0,0 +1,12 @@
+version: 2
+updates:
+  - package-ecosystem: "composer"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 10

.gitignore

@@ -22,3 +22,4 @@
 .git*
 config.php
 locales/po/*.mo
+.omc/

Net/DNS2/Cache.php

@@ -79,7 +79,7 @@ public function get($key)
             if ($this->cache_serializer == 'json') {
                 return json_decode($this->cache_data[$key]['object']);
             } else {
-                return unserialize($this->cache_data[$key]['object']);
+                return unserialize($this->cache_data[$key]['object'], array('allowed_classes' => false));
             }
         } else {
 

Net/DNS2/Cache/File.php

@@ -78,7 +78,7 @@ public function open($cache_file, $size, $serializer)
                     $decoded = json_decode($data, true);         
                 } else {
 
-                    $decoded = unserialize($data);                
+                    $decoded = unserialize($data, array('allowed_classes' => false));                
                 }
 
                 if (is_array($decoded) == true) {
@@ -170,7 +170,7 @@ public function __destruct()
                         $decoded = json_decode($data, true);
                     } else {
 
-                        $decoded = unserialize($data);
+                        $decoded = unserialize($data, array('allowed_classes' => false));
                     }
 
                     if (is_array($decoded) == true) {

Net/DNS2/Cache/Shm.php

@@ -115,7 +115,7 @@ public function open($cache_file, $size, $serializer)
                         $decoded = json_decode($data, true);
                     } else {
 
-                        $decoded = unserialize($data);
+                        $decoded = unserialize($data, array('allowed_classes' => false));
                     }
 
                     if (is_array($decoded) == true) {
@@ -213,7 +213,7 @@ public function __destruct()
                     $decoded = json_decode($data, true);
                 } else {
 
-                    $decoded = unserialize($data);
+                    $decoded = unserialize($data, array('allowed_classes' => false));
                 }   
 
                 if (is_array($decoded) == true) {

database.php

@@ -65,7 +65,7 @@ function flowview_db_close(&$flowview_cnn) {
  * @return '1' for success, '0' for error
  */
 function flowview_db_execute($sql, $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_execute($sql, $log, $flowview_cnn);
 }
@@ -80,7 +80,7 @@ function flowview_db_execute($sql, $log = true, $cnn_id = false) {
  * @return '1' for success, '0' for error
  */
 function flowview_db_execute_prepared($sql, $parms = array(), $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_execute_prepared($sql, $parms, $log, $flowview_cnn);
 }
@@ -97,7 +97,7 @@ function flowview_db_execute_prepared($sql, $parms = array(), $log = true, $cnn_
  * @return (bool) the output of the sql query as a single variable
  */
 function flowview_db_fetch_cell($sql, $col_name = '', $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_fetch_cell($sql, $col_name, $log, $flowview_cnn);
 }
@@ -115,7 +115,7 @@ function flowview_db_fetch_cell($sql, $col_name = '', $log = true, $cnn_id = fal
  * @return (bool) the output of the sql query as a single variable
  */
 function flowview_db_fetch_cell_prepared($sql, $params = array(), $col_name = '', $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_fetch_cell_prepared($sql, $params, $col_name, $log, $flowview_cnn);
 }
@@ -130,7 +130,7 @@ function flowview_db_fetch_cell_prepared($sql, $params = array(), $col_name = ''
  * @return the first row of the result as a hash
  */
 function flowview_db_fetch_row($sql, $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_fetch_row($sql, $log, $flowview_cnn);
 }
@@ -146,7 +146,7 @@ function flowview_db_fetch_row($sql, $log = true, $cnn_id = false) {
  * @return the first row of the result as a hash
  */
 function flowview_db_fetch_row_prepared($sql, $params = array(), $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_fetch_row_prepared($sql, $params, $log, $flowview_cnn);
 }
@@ -161,7 +161,7 @@ function flowview_db_fetch_row_prepared($sql, $params = array(), $log = true, $c
  * @return the entire result set as a multi-dimensional hash
  */
 function flowview_db_fetch_assoc($sql, $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_fetch_assoc($sql, $log, $flowview_cnn);
 }
@@ -177,7 +177,7 @@ function flowview_db_fetch_assoc($sql, $log = true, $cnn_id = false) {
  * @return the entire result set as a multi-dimensional hash
  */
 function flowview_db_fetch_assoc_prepared($sql, $params = array(), $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_fetch_assoc_prepared($sql, $params, $log, $flowview_cnn);
 }
@@ -190,7 +190,7 @@ function flowview_db_fetch_assoc_prepared($sql, $params = array(), $log = true,
  * @return the id of the last auto incriment row that was created
  */
 function flowview_db_fetch_insert_id($cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return  db_fetch_insert_id($flowview_cnn);
 }
@@ -206,7 +206,7 @@ function flowview_db_fetch_insert_id($cnn_id = false) {
  * @return the auto incriment id column (if applicable)
  */
 function flowview_db_replace($table_name, $array_items, $keyCols, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_replace($table_name, $array_items, $keyCols, $flowview_cnn);
 }
@@ -223,7 +223,7 @@ function flowview_db_replace($table_name, $array_items, $keyCols, $cnn_id = fals
  * @return the auto incriment id column (if applicable)
  */
 function flowview_sql_save($array_items, $table_name, $key_cols = 'id', $autoinc = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return sql_save($array_items, $table_name, $key_cols, $autoinc, $flowview_cnn);
 }
@@ -238,7 +238,7 @@ function flowview_sql_save($array_items, $table_name, $key_cols = 'id', $autoinc
  * @return (bool) the output of the sql query as a single variable
  */
 function flowview_db_table_exists($table, $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	preg_match("/([`]{0,1}(?<database>[\w_]+)[`]{0,1}\.){0,1}[`]{0,1}(?<table>[\w_]+)[`]{0,1}/", $table, $matches);
 	if ($matches !== false && array_key_exists('table', $matches)) {
@@ -250,7 +250,7 @@ function flowview_db_table_exists($table, $log = true, $cnn_id = false) {
 }
 
 function flowview_db_table_create($table, $data, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	$result = flowview_db_fetch_assoc('SHOW TABLES');
 	$tables = array();
@@ -352,13 +352,13 @@ function flowview_db_table_create($table, $data, $cnn_id = false) {
 }
 
 function flowview_db_column_exists($table, $column, $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_column_exists($table, $column, $log, $flowview_cnn);
 }
 
 function flowview_db_add_column($table, $column, $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_add_column($table, $column, $log, $flowview_cnn);
 }
@@ -372,9 +372,9 @@ function flowview_db_add_column($table, $column, $log = true, $cnn_id = false) {
  *                       or false on error
  */
 function flowview_db_affected_rows($cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
-	return db_affected_rows($flowview_cnn);;
+	return db_affected_rows($flowview_cnn);
 }
 
 /**
@@ -388,7 +388,7 @@ function flowview_db_affected_rows($cnn_id = false) {
  * @return bool          The output of the sql query as a single variable
  */
 function flowview_db_index_exists($table, $index, $log = true, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
 	return db_index_exists($table, $index, $log, $flowview_cnn);
 }
@@ -412,13 +412,13 @@ function flowview_get_connection($cnn_id) {
  * @return (array) An array of column types indexed by the column names
  */
 function flowview_db_get_table_column_types($table, $cnn_id = false) {
-	$flowview_cnn = flowview_get_connection($cnn_id);;
+	$flowview_cnn = flowview_get_connection($cnn_id);
 
     $columns = db_fetch_assoc("SHOW COLUMNS FROM $table", false, $flowview_cnn);
     $cols    = array();
     if (cacti_sizeof($columns)) {
         foreach($columns as $col) {
-            $cols[$col['Field']] = array('type' => $col['Type'], 'null' => $col['Null'], 'default' => $col['Default'], 'extra' => $col['Extra']);;
+            $cols[$col['Field']] = array('type' => $col['Type'], 'null' => $col['Null'], 'default' => $col['Default'], 'extra' => $col['Extra']);
         }
     }
 

flowview_databases.php

@@ -1035,19 +1035,19 @@ function() {
 			}
 
 			$(function() {
-				$('#refresh').click(function() {
+				$('#refresh').on('click', function() {
 					applyFilter();
 				});
 
-				$('#clear').click(function() {
+				$('#clear').on('click', function() {
 					clearFilter();
 				});
 
-				$('#purge').click(function() {
+				$('#purge').on('click', function() {
 					purgeFilter();
 				});
 
-				$('#form').submit(function(event) {
+				$('#form').on('submit', function(event) {
 					event.preventDefault();
 					applyFilter();
 				});
@@ -1353,19 +1353,19 @@ function purgeFilter() {
 			}
 
 			$(function() {
-				$('#refresh').click(function() {
+				$('#refresh').on('click', function() {
 					applyFilter();
 				});
 
-				$('#clear').click(function() {
+				$('#clear').on('click', function() {
 					clearFilter();
 				});
 
-				$('#purge').click(function() {
+				$('#purge').on('click', function() {
 					purgeFilter();
 				});
 
-				$('#form').submit(function(event) {
+				$('#form').on('submit', function(event) {
 					event.preventDefault();
 					applyFilter();
 				});
@@ -1701,19 +1701,19 @@ function() {
 			}
 
 			$(function() {
-				$('#refresh').click(function() {
+				$('#refresh').on('click', function() {
 					applyFilter();
 				});
 
-				$('#clear').click(function() {
+				$('#clear').on('click', function() {
 					clearFilter();
 				});
 
-				$('#purge').click(function() {
+				$('#purge').on('click', function() {
 					purgeFilter();
 				});
 
-				$('#form').submit(function(event) {
+				$('#form').on('submit', function(event) {
 					event.preventDefault();
 					applyFilter();
 				});

flowview_devices.php

@@ -568,14 +568,14 @@ function edit_device() {
 			</form>
 			<script type='text/javascript'>
 			function applyFilter() {
-				strURL  = 'flowview_devices.php?action=edit&id=<?php print get_request_var('id');?>&tab=templates&header=false';
+				strURL  = 'flowview_devices.php?action=edit&id=<?php print (int)get_filter_request_var('id'); ?>&tab=templates&header=false';
 				strURL += '&template=' + $('#template').val();
 				strURL += '&ex_addr='  + $('#ex_addr').val();
 				loadPageNoHeader(strURL);
 			}
 
 			function exportFilter() {
-				strURL  = 'flowview_devices.php?action=export&id=<?php print get_request_var('id');?>&tab=templates&header=false';
+				strURL  = 'flowview_devices.php?action=export&id=<?php print (int)get_filter_request_var('id'); ?>&tab=templates&header=false';
 				strURL += '&template=' + $('#template').val();
 				strURL += '&ex_addr='  + $('#ex_addr').val();
 
@@ -585,15 +585,15 @@ function exportFilter() {
 			}
 
 			$(function() {
-				$('#template, #ex_addr').change(function() {
+				$('#template, #ex_addr').on('change', function() {
 					applyFilter();
 				});
 
-				$('#go').click(function() {
+				$('#go').on('click', function() {
 					applyFilter();
 				});
 
-				$('#export').click(function() {
+				$('#export').on('click', function() {
 					exportFilter();
 				});
 
@@ -796,11 +796,11 @@ function clearFilter() {
 		}
 
 		$(function() {
-			$('#clear').click(function() {
+			$('#clear').on('click', function() {
 				clearFilter();
 			});
 
-			$('#listeners').submit(function(event) {
+			$('#listeners').on('submit', function(event) {
 				event.preventDefault();
 				applyFilter();
 			});

flowview_filters.php

@@ -273,15 +273,15 @@ function clearFilter() {
 		}
 
 		$(function() {
-			$('#clear').click(function() {
+			$('#clear').on('click', function() {
 				clearFilter();
 			});
 
-			$('#rows').change(function() {
+			$('#rows').on('change', function() {
 				applyFilter();
 			});
 
-			$('#form_filter').submit(function(event) {
+			$('#form_filter').on('submit', function(event) {
 				event.preventDefault();
 				applyFilter();
 			});