Add missing taint analysis docblock comments, and improve escaping in some methods 36378/head
authorCarl Schwan <carl@carlschwan.eu>
Wed, 31 Aug 2022 19:15:02 +0000 (21:15 +0200)
committerCôme Chilliet <come.chilliet@nextcloud.com>
Mon, 24 Apr 2023 15:17:53 +0000 (17:17 +0200)
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
apps/dashboard/lib/Controller/LayoutApiController.php
lib/private/Files/Filesystem.php
lib/private/legacy/OC_App.php

index 755470b7b07eaaf92da50b2c9c4faffdaac4c6d9..8eb01be497eac321a0016baf74f4a7ad1b225866 100644 (file)
@@ -31,7 +31,6 @@ use OCP\IConfig;
 use OCP\IRequest;
 
 class LayoutApiController extends OCSController {
-
        /** @var IConfig */
        private $config;
        /** @var string */
@@ -56,6 +55,7 @@ class LayoutApiController extends OCSController {
         * @return JSONResponse
         */
        public function create(string $layout): JSONResponse {
+               $layout = htmlspecialchars($layout);
                $this->config->setUserValue($this->userId, 'dashboard', 'layout', $layout);
                return new JSONResponse(['layout' => $layout]);
        }
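Review bot: `htmlspecialchars($layout)` relies on the default flags, which depend on the PHP version (single quotes are only escaped by default from 8.1 on), so the call should spell them out: `$layout = htmlspecialchars($layout, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. Escaping at the storage boundary also means the entity-encoded form is what setUserValue persists and what the JSONResponse hands back, so a reader of the 'dashboard'/'layout' value that uses it outside an HTML context, or escapes again on output, will see entities rather than the submitted string. If the layout is a list of widget identifiers, validating it against the known widget ids before storing would be a tighter check than output-style escaping here; that depends on the readers of the key, which are outside this hunk.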
index 367982eed72d82a888a1f6a26044a6445956e12f..c50fa1f9de98f447fa5b01e93dc98c1c001d3795 100644 (file)
@@ -642,6 +642,7 @@ class Filesystem {
         * @param bool $stripTrailingSlash whether to strip the trailing slash
         * @param bool $isAbsolutePath whether the given path is absolute
         * @param bool $keepUnicode true to disable unicode normalization
+        * @psalm-taint-escape file
         * @return string
         */
        public static function normalizePath($path, $stripTrailingSlash = true, $isAbsolutePath = false, $keepUnicode = false) {
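Review bot: The added `@psalm-taint-escape file` on normalizePath tells Psalm that any path passing through it is safe for filesystem sinks, which suppresses taint reports at every call site; the function body lies outside this hunk, so nothing visible here shows that the normalized result cannot carry `..` segments or null bytes, and that property should be verified before the annotation is relied on. The docblock would benefit from a one-line justification naming which property of the normalized output makes it safe for file sinks, so that a later change to the normalization rules is checked against the annotation rather than silently invalidating it.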
index b28b2d38fbdc1c343017323d14834ec76e9c0290..b1da6a1d2fbea8d41d704a3ae05a5af0be3fe1ed 100644 (file)
@@ -85,12 +85,14 @@ class OC_App {
         *
         * @psalm-taint-escape file
         * @psalm-taint-escape include
+        * @psalm-taint-escape html
+        * @psalm-taint-escape has_quotes
         *
         * @param string $app AppId that needs to be cleaned
         * @return string
         */
        public static function cleanAppId(string $app): string {
-               return str_replace(['\0', '/', '\\', '..'], '', $app);
+               return str_replace(['<', '>', '"', "'", '\0', '/', '\\', '..'], '', $app);
        }
 
        /**
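Review bot: Declaring cleanAppId an `html` and `has_quotes` escape on the strength of a delete-list is fragile: the new list strips `<`, `>`, `"` and `'` but leaves `&` and the backtick, so the result is only safe in contexts that tolerate those, and each further sink type will need yet another character appended. If app ids are limited to a known character set (confirm against the app-store id rules before choosing the class), an allow-list such as `return preg_replace('/[^a-zA-Z0-9_]/', '', $app) ?? '';` would justify all four escape annotations at once without enumerating dangerous characters. The str_replace form also depends on array order — `/` and `\\` are removed before `..`, so `./.` collapses to `..` and is then stripped — which deserves a comment like `// '..' must stay last: earlier removals can create new '..' sequences` if the delete-list is kept.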