nathan2day / android-remote-stacktrace

Automatically exported from code.google.com/p/android-remote-stacktrace

server.php is kinda insecure #4

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Hi guys, you might want to do some basic checks/cleaning on your POST vars
in the server.php file. As it stands right now, an attacker could write an
arbitrary payload to any path that the php/server process has write access
to. This is somewhat mitigated by the limited file extensions, I guess, but
it still seems like a pretty bad idea. Here's a really basic cleaning
function that could be run on the package_name and package_version fields:

// Sanitiser for the package_name / package_version POST fields.
// Trims, truncates, then replaces every character outside [a-zA-Z0-9_-]
// with "_", so "../", "/" and "." can never reach the file name.
function clean( $input, $max_length=255 ) {
    $input = trim($input) ;
    $input = substr($input, 0, $max_length) ;
    $input = preg_replace("/[^a-zA-Z0-9_-]/", "_", $input) ;
    return $input ;
}

More could be done, and it might be smart to protect the stacktrace field
as well, but it's a starting point. Modified file attached.

Original issue reported on code.google.com by lav...@gmail.com on 17 Jan 2010 at 7:23

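Added example (not the project's server.php and not the reporter's attachment): a hypothetical write path of the kind the report describes, next to a hardened version that rejects bad field values instead of rewriting them, pins the package name, caps the stacktrace size and checks with realpath() that the final path is still inside the storage directory. The field names package_name, package_version and stacktrace come from the issue; the store directory, the ALLOWED_PACKAGES list and the ".stacktrace" extension are assumptions made for the illustration.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern of the kind the report describes (hypothetical, not the
// project's code): POST values flow straight into the file name, so a
// package_name of "../../../tmp/evil" leaves the storage directory.
function unsafeTracePath(string $storeDir, array $post): string
{
    return $storeDir . '/' . $post['package_name'] . '-'
         . $post['package_version'] . '.stacktrace';
}

// Assumption: the one app this server collects traces for.
const ALLOWED_PACKAGES = ['com.example.myapp'];
const MAX_TRACE_BYTES  = 64 * 1024;

// Strict whitelist: dotted segments of [A-Za-z0-9_-], no empty segment, so
// "com.example.app" and "1.2.3" pass while "..", "a..b", "/x" and ".x" fail.
// Returns null (reject) rather than silently rewriting the value.
function cleanField(string $input, int $maxLength = 255): ?string
{
    $input = trim($input);
    if ($input === '' || strlen($input) > $maxLength) {
        return null;
    }
    if (!preg_match('/^[A-Za-z0-9_-]+(\.[A-Za-z0-9_-]+)*$/', $input)) {
        return null;
    }
    return $input;
}

// Builds the destination path only from validated parts and confirms that
// the result's directory is exactly the (canonicalised) store directory.
function safeTracePath(string $storeDir, array $post): ?string
{
    $name    = cleanField((string)($post['package_name'] ?? ''));
    $version = cleanField((string)($post['package_version'] ?? ''), 64);
    $trace   = $post['stacktrace'] ?? null;

    if ($name === null || $version === null) {
        return null;                                  // malformed field
    }
    if (!in_array($name, ALLOWED_PACKAGES, true)) {
        return null;                                  // not our app
    }
    if (!is_string($trace) || $trace === '' || strlen($trace) > MAX_TRACE_BYTES) {
        return null;                                  // oversize or missing trace
    }
    $base = realpath($storeDir);
    if ($base === false || !is_dir($base)) {
        return null;
    }
    $path = $base . DIRECTORY_SEPARATOR . $name . '-' . $version . '-'
          . bin2hex(random_bytes(8)) . '.stacktrace';
    if (dirname($path) !== $base) {
        return null;                                  // defence in depth
    }
    return $path;
}

// Writes the trace only when safeTracePath() accepted the request.
function storeTrace(string $storeDir, array $post): bool
{
    $path = safeTracePath($storeDir, $post);
    if ($path === null) {
        return false;
    }
    return file_put_contents($path, $post['stacktrace'], LOCK_EX) !== false;
}

// Demonstration with constructed input.
$storeDir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'traces';
@mkdir($storeDir, 0700);

$evil = ['package_name' => '../../../tmp/evil', 'package_version' => '1',
         'stacktrace' => 'x'];
$good = ['package_name' => 'com.example.myapp', 'package_version' => '1.2.3',
         'stacktrace' => "java.lang.NullPointerException\n\tat com.example.myapp.Main.run(Main.java:42)"];

echo unsafeTracePath($storeDir, $evil), "\n";   // escapes the store directory
var_dump(safeTracePath($storeDir, $evil));       // NULL: rejected
var_dump(storeTrace($storeDir, $good));          // true: written inside $storeDir
```

Rejecting instead of rewriting means a tampered request is visible in the logs rather than quietly stored under a mangled name; if you prefer the reporter's replace-with-underscore approach, keep the realpath()/dirname() check anyway so that any future change to the file-name logic cannot reintroduce traversal.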

GoogleCodeExporter commented 8 years ago
Adding a hard-coded package name would also be a good thing if it is only for you.

Original comment by someb...@gmail.com on 23 Feb 2011 at 2:47

GoogleCodeExporter commented 8 years ago
Has anybody made the same effort as me to build a server backend to store and
manage the stacktraces in a DB and make them available in a nice little website?

Original comment by andi.sch...@gmail.com on 30 Jan 2013 at 9:53