unprotected strpos in administrator/components/com_virtuemart/models/product.php

Started by bcohen0, July 20, 2017, 06:01:08 AM

Previous topic - Next topic

bcohen0

I have version 3.2.2 .

on line 275, $orderBy was initialized to space:

      $orderBy = ' ';


On line 613, there is the code:

if(strpos($orderBy,$field,6)!==FALSE){

I ended up on this line with $orderBy still being just an empty space and got several php warnings that the index of 6 was out of bounds, since it's in a loop.  I don't know why it's being initialized anyway, since it seems nothing is depending upon it having a leading space. Maybe it could just be initalized to null, and the strpos could check for that.

But I could be wrong, just thought I'd post it.



Milbo

Thank you, yes I added it for the next version.


$productLangFields = array('product_s_desc','product_desc','product_name','metadesc','metakey','slug');
if(!empty($orderBy)){
foreach($productLangFields as $field){
if(strpos($orderBy,$field,6)!==FALSE){
$langFields[] = $field;
$orderbyLangField = $field;
$joinLang = true;
break;
}
}
}
Should I fix your bug, please support the VirtueMart project and become a member
______________________________________
Extensions approved by the core team: http://extensions.virtuemart.net/