Added escapeshellargs for security reasons

git-svn-id: https://oss.gonicus.de/repositories/gosa/branches/2.6@19472 594d385d-05f5-0310-b6e9-bd551577e9d8

diff --git a/gosa-core/include/class_ldap.inc b/gosa-core/include/class_ldap.inc
index e12a5478a1e1c75a54f93567312020b53730119e..de41a10815740e87310ea98171225e713555463b 100644 (file)
--- a/gosa-core/include/class_ldap.inc
+++ b/gosa-core/include/class_ldap.inc
@@ -857,28 +857,65 @@ class LDAP{
   }
 
 
- /*! \brief  Generates an ldif for all entries matching the filter settings, scope and limit.
+  /*! \brief  Generates an ldif for all entries matching the filter settings, scope and limit.
    *  @param  $dn           The entry to export.
    *  @param  $filter       Limit the exported object to those maching this filter.
-   *  @param  $attributes   Specify the attributes to export here, empty means all.
    *  @param  $scope        'base', 'sub' .. see manpage for 'ldapmodify' for details.
    *  @param  $limit        Limits the result.
    */
-  function generateLdif ($dn, $filter= "(objectClass=*)", $attributes= array(), $scope = 'sub', $limit=0)
+  function generateLdif ($dn, $filter= "(objectClass=*)", $attributes= array(),$scope = 'sub', $limit=0)
   {
-      $attrs  = (count($attributes))?implode($attributes,' '):'';
-      $scope = (!empty($scope))?' -s '.$scope: '';
+        
+      // Attributes are unused !!
+      $attrs = '';
+
+      // Ensure that limit is numeric if not skip here.
+      if(!empty($limit) && !is_numeric($limit)){
+          trigger_error(sprintf("Invalid parameter for limit '%s', a numeric value is required."), $limit);
+          return(NULL);
+      }
       $limit = (!$limit)?'':' -z '.$limit;
+
+      // Check scope values
+      $scope = trim($scope);
+      if(!empty($scope) && !in_array($scope, array('base', 'one', 'sub', 'children'))){
+          trigger_error(sprintf("Invalid parameter for scope '%s', please use 'base', 'one', 'sub' or 'children'."), $scope);
+          return(NULL);
+      }
+      $scope = (!empty($scope))?' -s '.$scope: '';
+
+      // Prepare parameters to be valid for shell execution
       $dn = escapeshellarg($dn);
+      $pwd = $this->bindpw;
+      $host = escapeshellarg($this->hostname);
       $admin = escapeshellarg($this->binddn);
-      $pwd = escapeshellarg($this->bindpw);
       $filter = escapeshellarg($filter);
-      $host = escapeshellarg($this->hostname);
-      $cmd = "ldapsearch -x -LLLL -D {$admin} -w {$pwd} {$filter} {$limit} {$scope} -H {$host} -b {$dn} $attrs ";
-      ob_start();
-      passthru($cmd);
-      $res=ob_get_contents();
-      ob_end_clean();
+      $cmd = "ldapsearch -x -LLLL -D {$admin} {$filter} {$limit} {$scope} -H {$host} -b {$dn} -W ";
+
+      // Create list of process pipes
+      $descriptorspec = array(
+              0 => array("pipe", "r"),  // stdin
+              1 => array("pipe", "w"),  // stdout
+              2 => array("pipe", "w")); // stderr
+
+      // Try to open the process
+      $process = proc_open($cmd, $descriptorspec, $pipes);
+      if (is_resource($process)) {
+
+          // Write the password to stdin
+          fwrite($pipes[0], $pwd);
+          fclose($pipes[0]);
+
+          // Get results from stdout and stderr
+          $res = stream_get_contents($pipes[1]);
+          $err = stream_get_contents($pipes[2]);
+          fclose($pipes[1]);
+
+          // Close the process and check its return value
+          if(proc_close($process) != 0){
+              trigger_error($err);
+          }
+      }
       return($res);
   }