Security use escapeshellarg

FusionPBX 2022-06-29 10:24:05 -06:00 committed by GitHub
parent b8f70a6cb5
commit de22a9121a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 16 deletions


@ -312,7 +312,7 @@ if (!function_exists('fax_split_dtmf')) {
if ($fax_file_extension != "pdf" && $fax_file_extension != "tif") {
chdir($dir_fax_temp);
$command = $IS_WINDOWS ? '' : 'export HOME=/tmp && ';
$command .= 'libreoffice --headless --convert-to pdf --outdir '.$dir_fax_temp.' '.$dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension;
$command .= 'libreoffice --headless --convert-to pdf --outdir '.$dir_fax_temp.' '.$dir_fax_temp.'/'.escapeshellarg($fax_name).'.'.escapeshellarg($fax_file_extension);
exec($command);
@unlink($dir_fax_temp.'/'.$fax_name.'.'.$fax_file_extension);
}
@ -322,7 +322,7 @@ if (!function_exists('fax_split_dtmf')) {
chdir($dir_fax_temp);
//convert pdf to tif
$cmd = exec('which gs')." -q -r".$gs_r." -g".$gs_g." -dBATCH -dPDFFitPage -dNOSAFER -dNOPAUSE -dBATCH -sOutputFile=".correct_path($fax_name).".tif -sDEVICE=tiffg4 -Ilib stocht.ps -c \"{ .75 gt { 1 } { 0 } ifelse} settransfer\" -- ".correct_path($fax_name).".pdf -c quit";
$cmd = exec('which gs')." -q -r".$gs_r." -g".$gs_g." -dBATCH -dPDFFitPage -dNOSAFER -dNOPAUSE -dBATCH -sOutputFile=".escapeshellarg($fax_name).".tif -sDEVICE=tiffg4 -Ilib stocht.ps -c \"{ .75 gt { 1 } { 0 } ifelse} settransfer\" -- ".escapeshellarg($fax_name).".pdf -c quit";
// echo($cmd . "<br/>\n");
exec($cmd);
@unlink($dir_fax_temp.'/'.$fax_name.'.pdf');
@ -672,17 +672,17 @@ if (!function_exists('fax_split_dtmf')) {
//send the fax
$fax_file = $dir_fax_sent."/".$fax_instance_uuid.".tif";
$common_variables .= "fax_queue_uuid='" . $fax_queue_uuid . "',";
$common_variables .= "fax_queue_uuid='" . escapeshellarg($fax_queue_uuid) . "',";
$common_variables = "for_fax=1,";
$common_variables .= "accountcode='" . $fax_accountcode . "',";
$common_variables .= "sip_h_X-accountcode='" . $fax_accountcode . "',";
$common_variables .= "domain_uuid=" . $_SESSION["domain_uuid"] . ",";
$common_variables .= "domain_name=" . $_SESSION["domain_name"] . ",";
$common_variables .= "origination_caller_id_name='" . $fax_caller_id_name . "',";
$common_variables .= "origination_caller_id_number='" . $fax_caller_id_number . "',";
$common_variables .= "fax_ident='" . $fax_caller_id_number . "',";
$common_variables .= "fax_header='" . $fax_caller_id_name . "',";
$common_variables .= "fax_file='" . $fax_file . "',";
$common_variables .= "accountcode='" . escapeshellarg($fax_accountcode) . "',";
$common_variables .= "sip_h_X-accountcode='" . escapeshellarg($fax_accountcode) . "',";
$common_variables .= "domain_uuid=" . escapeshellarg($_SESSION["domain_uuid"]) . ",";
$common_variables .= "domain_name=" . escapeshellarg($_SESSION["domain_name"]) . ",";
$common_variables .= "origination_caller_id_name='" . escapeshellarg($fax_caller_id_name) . "',";
$common_variables .= "origination_caller_id_number='" . escapeshellarg($fax_caller_id_number) . "',";
$common_variables .= "fax_ident='" . escapeshellarg($fax_caller_id_number) . "',";
$common_variables .= "fax_header='" . escapeshellarg($fax_caller_id_name) . "',";
$common_variables .= "fax_file='" . escapeshellarg($fax_file) . "',";
foreach ($fax_numbers as $fax_number) {
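Review bot: escapeshellarg() is the wrong escaping primitive for the channel-variable string assembled on the fax_queue_uuid through fax_file lines of this hunk (and, in the next hunk, the fax_variables, mailto_address, mailfrom_address and fax_uri lines, whose hunk continues past the visible page): it wraps its argument in single quotes, and most of these fragments are already wrapped in single quotes, so the output becomes e.g. `fax_queue_uuid=''<uuid>''` / `domain_uuid='<uuid>'` with the quote characters left inside the value, and a value containing a single quote is rewritten as `'\''`, which breaks the `key='value'` framing rather than protecting it. It also does nothing about the characters that actually delimit a FreeSWITCH variable list — `,`, `[`, `]`, `{`, `}`, `=` — so a crafted caller-id name or domain name can still inject further variables. Where $dial_string is consumed (a shell, or the event socket) is outside this section, so the exact impact is inferred; in either case the per-fragment shell quoting should be replaced by validation before concatenation, e.g. for the UUID values `if (!preg_match('/\A[0-9a-f-]{36}\z/i', $fax_queue_uuid)) { die('invalid fax_queue_uuid'); }` and, for free-text values such as $fax_caller_id_name, stripping the delimiter set above plus `'` with a `preg_replace` before the string is built. Separately, the earlier ghostscript hunk swaps `correct_path($fax_name)` for `escapeshellarg($fax_name)` and thereby drops whatever normalization correct_path() performed (not visible here), and the libreoffice hunk still interpolates `$dir_fax_temp` into the command unquoted while only quoting the name and extension.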
@ -704,16 +704,16 @@ if (!function_exists('fax_split_dtmf')) {
$fax_uri = $route_array[0];
$fax_variables = "";
foreach($_SESSION['fax']['variable'] as $variable) {
$fax_variables .= $variable.",";
$fax_variables .= escapeshellarg($variable).",";
}
}
//build the fax dial string
$dial_string = $common_variables;
$dial_string .= $fax_variables;
$dial_string .= "mailto_address='" . $mail_to_address . "',";
$dial_string .= "mailfrom_address='" . $mail_from_address . "',";
$dial_string .= "fax_uri=" . $fax_uri . ",";
$dial_string .= "mailto_address='" . escapeshellarg($mail_to_address) . "',";
$dial_string .= "mailfrom_address='" . escapeshellarg($mail_from_address) . "',";
$dial_string .= "fax_uri=" . escapeshellarg($fax_uri) . ",";
$dial_string .= "fax_retry_attempts=1" . ",";
$dial_string .= "fax_retry_limit=20" . ",";
$dial_string .= "fax_retry_sleep=180" . ",";