From 6532972e61a2aa5e8517ebcca3113adb3c8f336d Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Thu, 13 Oct 2016 00:30:41 -0700
Subject: additional array checking

---
 include/dba/dba_driver.php | 13 +++++++++++++
 include/import.php         |  6 ++++--
 include/items.php          |  5 ++++-
 include/text.php           |  9 +++++----
 4 files changed, 26 insertions(+), 7 deletions(-)

(limited to 'include')

diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index 36353354c..34597bec4 100755
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
@@ -391,9 +391,22 @@ function dbesc_array_cb(&$item, $key) {
 
 
 function dbesc_array(&$arr) {
+	$bogus_key = false;
 	if(is_array($arr) && count($arr)) {
+		$matches = false;
+		foreach($arr as $k => $v) {
+			if(preg_match('/([^a-zA-Z0-9\-\_\.])/',$k,$matches)) {
+				logger('bogus key: ' . $k);
+				$bogus_key = true;
+			}
+		}
 		array_walk($arr,'dbesc_array_cb');
+		if($bogus_key) {
+			$arr['BOGUS.KEY'] = 1;
+			return false;
+		}
 	}
+	return true;
 }
 
 function db_getfunc($f) {
diff --git a/include/import.php b/include/import.php
index 4225fe493..d5f6e5c8a 100644
--- a/include/import.php
+++ b/include/import.php
@@ -1026,7 +1026,8 @@ function sync_files($channel,$files) {
 
 					if($attach_exists) {
 						logger('sync_files attach exists: ' . print_r($att,true), LOGGER_DEBUG);
-						dbesc_array($att);
+						if(! dbesc_array($att))
+							continue;
 						$str = '';
     					foreach($att as $k => $v) {
 			        		if($str)
@@ -1140,7 +1141,8 @@ function sync_files($channel,$files) {
 
 
 					if($exists) {
-						dbesc_array($p);
+						if(! dbesc_array($p))
+							continue;
 					    $str = '';
     					foreach($p as $k => $v) {
 				        	if($str)
diff --git a/include/items.php b/include/items.php
index a682fafaa..aaa51fc8b 100755
--- a/include/items.php
+++ b/include/items.php
@@ -2161,7 +2161,10 @@ function item_store_update($arr,$allow_exec = false, $deliver = true) {
 	}
 
 
-	dbesc_array($arr);
+	if(! dbesc_array($arr)) {
+		$ret['message'] = 'DB array malformed';
+		return $ret;
+	}
 
 	logger('item_store_update: ' . print_r($arr,true), LOGGER_DATA);
 
diff --git a/include/text.php b/include/text.php
index f23458db0..fcd5dbc0c 100644
--- a/include/text.php
+++ b/include/text.php
@@ -3035,13 +3035,14 @@ function create_table_from_array($table,$arr) {
 	if(! ($arr && $table))
 		return false;
 
-	dbesc_array($arr);
-
-	$r = dbq("INSERT INTO " . TQUOT . $table . TQUOT . " (" . TQUOT
+	if(dbesc_array($arr)) {
+		$r = dbq("INSERT INTO " . TQUOT . $table . TQUOT . " (" . TQUOT
 			. implode(TQUOT . ', ' . TQUOT, array_keys($arr))
 			. TQUOT . ") VALUES ('"
 			. implode("', '", array_values($arr))
-			. "')" );
+			. "')" 
+		);
+	}
 	return $r;
 
 }
\ No newline at end of file
-- 
cgit v1.2.3