[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_7_1-23452-g96dd071

Marc Delisle lem9 at users.sourceforge.net
Thu Nov 24 22:56:04 CET 2011 

The branch, master has been updated
       via  96dd071a5f2362d5a244656bf4acf240b5b1aac0 (commit)
       via  29455fe79bc9896129d7004e0242c451f4a32cc8 (commit)
       via  cf5faa1dd1bcae329eddb793765ad2ba3e4471dc (commit)
       via  077c10020e349e8c1beb46309098992fde616913 (commit)
       via  dac8d6ce256333ff45b5f46270304b8657452740 (commit)
       via  bc45a1048d2f5ca8a532f774ddb1dd80985dff3d (commit)
       via  1490533d91e9d3820e78ca4eac7981886eaea2cb (commit)
       via  b289fe082441dc739939b0ba15dae0d9dc6cee92 (commit)
      from  03fd5593823d6999e85792a910d460902f844db3 (commit)


- Log -----------------------------------------------------------------
commit 96dd071a5f2362d5a244656bf4acf240b5b1aac0
Merge: 03fd559 29455fe
Author: Marc Delisle <marc at infomarc.info>
Date:   Thu Nov 24 16:54:25 2011 -0500

    Fix merge conflicts

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                |    5 +++++
 js/db_operations.js      |    2 +-
 libraries/common.lib.php |    5 +----
 tbl_indexes.php          |    4 ++--
 tbl_select.php           |    2 +-
 5 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 2c6e859..062ee96 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -81,6 +81,11 @@ phpMyAdmin - ChangeLog
 - [interface] Avoid showing the password in phpinfo()'s output
 - bug #3441572 [GUI] 'newer version of phpMyAdmin' message not shown in IE8
 - bug #3407235 [interface] Entering the key through a lookup window does not reset NULL
+- [security] Self-XSS on database names (Synchronize), see PMASA-2011-18
+- [security] Self-XSS on database names (Operations/rename), see PMASA-2011-18
+- [security] Self-XSS on column type (Create index), see PMASA-2011-18
+- [security] Self-XSS on column type (table Search), see PMASA-2011-18
+- [security] Self-XSS on invalid query (table overview), see PMASA-2011-18
 
 3.4.7.1 (2011-11-10)
 - [security] Fixed possible local file inclusion in XML import
diff --git a/js/db_operations.js b/js/db_operations.js
index 9776cef..bc61679 100644
--- a/js/db_operations.js
+++ b/js/db_operations.js
@@ -32,7 +32,7 @@ $(document).ready(function() {
 
         var $form = $(this);
 
-        var question = 'CREATE DATABASE ' + $('#new_db_name').val() + ' / DROP DATABASE ' + window.parent.db;
+        var question = escapeHtml('CREATE DATABASE ' + $('#new_db_name').val() + ' / DROP DATABASE ' + window.parent.db);
 
         PMA_prepareForAjaxRequest($form);
         /**
diff --git a/libraries/common.lib.php b/libraries/common.lib.php
index bb5c6e1..767e284 100644
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
@@ -1066,13 +1066,10 @@ function PMA_showMessage($message, $sql_query = null, $type = 'notice', $is_view
         } else {
             // Parse SQL if needed
             $parsed_sql = PMA_SQP_parse($query_base);
-            if (PMA_SQP_isError()) {
-                unset($parsed_sql);
-            }
         }
 
         // Analyze it
-        if (isset($parsed_sql)) {
+        if (isset($parsed_sql) && ! PMA_SQP_isError()) {
             $analyzed_display_query = PMA_SQP_analyze($parsed_sql);
 
             // Same as below (append LIMIT), append the remembered ORDER BY
diff --git a/tbl_indexes.php b/tbl_indexes.php
index 195568b..bcdc59c 100644
--- a/tbl_indexes.php
+++ b/tbl_indexes.php
@@ -233,7 +233,7 @@ foreach ($index->getColumns() as $column) {
         ) {
             echo '<option value="' . htmlspecialchars($field_name) . '"'
                  . (($field_name == $column->getName()) ? ' selected="selected"' : '') . '>'
-                 . htmlspecialchars($field_name) . ' [' . $field_type . ']'
+                 . htmlspecialchars($field_name) . ' [' . htmlspecialchars($field_type) . ']'
                  . '</option>' . "\n";
         }
     } // end foreach $fields
@@ -256,7 +256,7 @@ for ($i = 0; $i < $add_fields; $i++) {
     <?php
     foreach ($fields as $field_name => $field_type) {
         echo '<option value="' . htmlspecialchars($field_name) . '">'
-             . htmlspecialchars($field_name) . ' [' . $field_type . ']'
+             . htmlspecialchars($field_name) . ' [' . htmlspecialchars($field_type) . ']'
              . '</option>' . "\n";
     } // end foreach $fields
     ?>
diff --git a/tbl_select.php b/tbl_select.php
index 7103814..c888291 100644
--- a/tbl_select.php
+++ b/tbl_select.php
@@ -113,7 +113,7 @@ echo PMA_generate_html_tabs(PMA_tbl_getSubTabs(), $url_params, '', 'topmenu2');
             }
             ?>
             <th><?php echo htmlspecialchars($fields_list[$i]); ?></th>
-            <td><?php echo $fields_type[$i]; ?></td>
+            <td><?php echo htmlspecialchars($fields_type[$i]); ?></td>
             <td><?php echo $fields_collation[$i]; ?></td>
             <td><select name="func[]">
         <?php


hooks/post-receive
-- 
phpMyAdmin

More information about the Git mailing list