Congegni
/
libretime
mirror of https://github.com/libretime/libretime.git
7
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(legacy): validate id param in show image controller (#1510)

This commit is contained in:
Jonas L 2022-01-13 06:10:32 +01:00 committed by GitHub
parent d986302de2
commit fd580d689f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
legacy/application/modules/rest/controllers/ShowImageController.php
View File

@ -326,6 +326,16 @@ class Rest_ShowImageController extends Zend_Rest_Controller
return false;
}
$id = filter_var($id, FILTER_VALIDATE_INT);
if ($id === false) {
$resp = $this->getResponse();
$resp->setHttpResponseCode(400);
$resp->appendBody('ERROR: Invalid show ID specified.');
return false;
}
return $id;
}
}