From: bradymiller
Date: Mon, 8 Jul 2013 02:36:26 +0000 (-0700)
Subject: PHPMYADMIN - [PATCH] [security] Global variables scope injection vulnerability (see...
X-Git-Tag: whats-been-changed~276
X-Git-Url: https://repo.or.cz/w/openemr.git/commitdiff_plain/23ae06ee46d2c05377b70c9510c1e68b36644aef

PHPMYADMIN - [PATCH] [security] Global variables scope injection vulnerability (see PMASA-2013-7)
---
diff --git a/phpmyadmin/ChangeLog b/phpmyadmin/ChangeLog
index 8b29aabbd..b1430c490 100644
--- a/phpmyadmin/ChangeLog
+++ b/phpmyadmin/ChangeLog
@@ -1,6 +1,9 @@
 phpMyAdmin - ChangeLog
 ======================
+4.0.4.1 ()
+- [security] Global variables scope injection vulnerability (see PMASA-2013-7)
+
 4.0.4.0 (2013-06-17)
 - bug #3959 Using DefaultTabDatabase in NavigationTree for Database Click
 - bug #3961 Avoid Suhosin warning when in simulation mode
diff --git a/phpmyadmin/import.php b/phpmyadmin/import.php
index 9d193ae63..6075d5d94 100644
--- a/phpmyadmin/import.php
+++ b/phpmyadmin/import.php
@@ -122,6 +122,24 @@ if ($_POST == array() && $_GET == array()) {
 * We only need to load the selected plugin
 */
+if (! in_array(
+ $format,
+ array(
+ 'csv',
+ 'ldi',
+ 'mediawiki',
+ 'ods',
+ 'shp',
+ 'sql',
+ 'xml'
+ )
+)
+) {
+ // this should not happen for a normal user
+ // but only during an attack
+ PMA_fatalError('Incorrect format parameter');
+}
+
 $post_patterns = array(
 '/^force_file_/',
 '/^'. $format . '_/'
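Review bot: The new allow-list check in import.php calls `in_array($format, array(...))` without the strict flag, so the match uses loose comparison; since `$format` is request-derived (its assignment is outside the hunk) the guard should compare as exact strings: `if (! in_array($format, array('csv', 'ldi', 'mediawiki', 'ods', 'shp', 'sql', 'xml'), true)) {`. The ordering is right, because the check now runs before `$format` is spliced unquoted into the `'/^'. $format . '_/'` pattern in `$post_patterns` below, assuming PMA_fatalError terminates the request. The list is hard-coded and will silently reject any import format added later, so a comment above it such as `// allow-list of import plugin formats; keep in sync when an import plugin is added or removed` would save the next maintainer a debugging session.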