Shared security patch analysis results
AI Used: DEEPSEEK deepseek-chat--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Between.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Between.php@@ -1,34 +1,35 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator; use Laminas\Stdlib\ArrayUtils; use Traversable;+use function array_key_exists;+use function array_shift;+use function func_get_args;+use function is_array;+use function is_numeric;+use function is_string;++use const PHP_INT_MAX;+ class Between extends AbstractValidator {- const NOT_BETWEEN = 'notBetween';- const NOT_BETWEEN_STRICT = 'notBetweenStrict';- const VALUE_NOT_NUMERIC = 'valueNotNumeric';- const VALUE_NOT_STRING = 'valueNotString';+ public const NOT_BETWEEN = 'notBetween';+ public const NOT_BETWEEN_STRICT = 'notBetweenStrict';+ public const VALUE_NOT_NUMERIC = 'valueNotNumeric';+ public const VALUE_NOT_STRING = 'valueNotString'; /** * Retain if min and max are numeric values. Allow to not compare string and numeric types- *- * @var boolean- */- private $numeric;+ */+ private ?bool $numeric = null; /** * Validation failure message template definitions *- * @var array+ * @var array<string, string> */ protected $messageTemplates = [ self::NOT_BETWEEN => "The input is not between '%min%' and '%max%', inclusively",@@ -54,7 +55,7 @@ * @var array */ protected $options = [- 'inclusive' => true, // Whether to do inclusive comparisons, allowing equivalence to min and/or max+ 'inclusive' => true, // Whether to do inclusive comparisons, allowing equivalence to min and/or max 'min' => 0, 'max' => PHP_INT_MAX, ];@@ -66,8 +67,7 @@ * 'max' => scalar, maximum border * 'inclusive' => boolean, inclusive border values *- * @param array|Traversable $options- *+ * @param array<string, mixed>|Traversable<string, mixed> $options * @throws Exception\InvalidArgumentException */ public function __construct($options = null)@@ -76,7 +76,9 @@ $options = ArrayUtils::iteratorToArray($options); } if (! is_array($options)) {- $options = func_get_args();+ $temp = [];+ /** @psalm-var array<string, int|string> $options */+ $options = func_get_args(); $temp['min'] = array_shift($options); if (! empty($options)) { $temp['max'] = array_shift($options);@@ -93,11 +95,13 @@ throw new Exception\InvalidArgumentException("Missing option: 'min' and 'max' have to be given"); }- if ((isset($options['min']) && is_numeric($options['min']))+ if (+ (isset($options['min']) && is_numeric($options['min'])) && (isset($options['max']) && is_numeric($options['max'])) ) { $this->numeric = true;- } elseif ((isset($options['min']) && is_string($options['min']))+ } elseif (+ (isset($options['min']) && is_string($options['min'])) && (isset($options['max']) && is_string($options['max'])) ) { $this->numeric = false;@@ -123,10 +127,9 @@ /** * Sets the min option *- * @param mixed $min * @return $this Provides a fluent interface */- public function setMin($min)+ public function setMin(mixed $min) { $this->options['min'] = $min; return $this;@@ -145,10 +148,9 @@ /** * Sets the max option *- * @param mixed $max * @return $this Provides a fluent interface */- public function setMax($max)+ public function setMax(mixed $max) { $this->options['max'] = $max; return $this;
After analyzing the code diff, I don't find any clear security vulnerabilities that were fixed. The changes appear to be primarily code quality improvements, type safety enhancements, and modernization updates. Here's the analysis: 1. Vulnerability Existed: no No specific vulnerability [include/laminas-mail/vendor/laminas/laminas-validator/src/Between.php] [Various lines] The changes include: - Changing visibility of constants from implicit public to explicit public - Adding type hints and return types - Improving array type documentation - Adding use statements for functions and constants - Code formatting improvements 2. Vulnerability Existed: no No specific vulnerability [include/laminas-mail/vendor/laminas/laminas-validator/src/Between.php] [Constructor changes] The constructor changes include: - Better handling of options parameter - More robust type checking - Psalm annotation addition - No security impact found The changes appear to be part of a general code quality improvement effort rather than addressing specific security vulnerabilities. The modifications improve type safety and maintainability but don't appear to fix any exploitable security issues. If there were any security implications in these changes, they would be very subtle (like potential type confusion issues being prevented by the stricter typing), but nothing clearly identifiable as a vulnerability fix.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Storage/Part.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Storage/Part.php@@ -1,64 +1,82 @@ <?php-/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */- namespace Laminas\Mail\Storage;+use ArrayIterator; use Laminas\Mail\Header\HeaderInterface; use Laminas\Mail\Headers; use Laminas\Mime;+use Laminas\Mime\Exception\RuntimeException; use RecursiveIterator;--class Part implements RecursiveIterator, Part\PartInterface+use ReturnTypeWillChange;+use Stringable;++use function array_map;+use function count;+use function current;+use function implode;+use function is_array;+use function iterator_to_array;+use function preg_replace;+use function stripos;+use function strlen;+use function strtolower;+use function trim;++class Part implements RecursiveIterator, Part\PartInterface, Stringable { /** * Headers of the part+ * * @var Headers|null */ protected $headers; /** * raw part body+ * * @var null|string */ protected $content; /** * toplines as fetched with headers+ * * @var string */ protected $topLines = ''; /** * parts of multipart message+ * * @var array */ protected $parts = []; /** * count of parts of a multipart message+ * * @var null|int */ protected $countParts; /** * current position of iterator+ * * @var int */ protected $iterationPos = 1; /** * mail handler, if late fetch is active+ * * @var null|AbstractStorage */ protected $mail; /** * message number for mail handler+ * * @var int */ protected $messageNum = 0;@@ -92,7 +110,7 @@ $this->messageNum = $params['id']; }- $params['strict'] = isset($params['strict']) ? $params['strict'] : false;+ $params['strict'] ??= false; if (isset($params['raw'])) { Mime\Decode::splitMessage(@@ -129,11 +147,10 @@ { try { return stripos($this->contentType, 'multipart/') === 0;- } catch (Exception\ExceptionInterface $e) {+ } catch (Exception\ExceptionInterface) { return false; } }- /** * Body of part@@ -168,12 +185,11 @@ return strlen($this->getContent()); }- /** * Cache content and split in parts if multipart * * @throws Exception\RuntimeException- * @return null+ * @return void */ protected function cacheContent() {@@ -218,10 +234,10 @@ throw new Exception\RuntimeException('part not found'); }- if ($this->mail && $this->mail->hasFetchPart) {+ // if ($this->mail && $this->mail->hasFetchPart) { // TODO: fetch part // return- }+ // } $this->cacheContent();@@ -248,10 +264,10 @@ return $this->countParts; }- if ($this->mail && $this->mail->hasFetchPart) {+ // if ($this->mail && $this->mail->hasFetchPart) { // TODO: fetch part // return- }+ // } $this->cacheContent();@@ -271,7 +287,7 @@ { if (null === $this->headers) { if ($this->mail) {- $part = $this->mail->getRawHeader($this->messageNum);+ $part = $this->mail->getRawHeader($this->messageNum); $this->headers = Headers::fromString($part); } else { $this->headers = new Headers();@@ -295,14 +311,14 @@ * @param string $name name of header, matches case-insensitive, but camel-case is replaced with dashes * @param string $format change type of return value to 'string' or 'array' * @throws Exception\InvalidArgumentException- * @return string|array|HeaderInterface|\ArrayIterator value of header in wanted or internal format+ * @return string|array|HeaderInterface|ArrayIterator value of header in wanted or internal format */ public function getHeader($name, $format = null) { $header = $this->getHeaders()->get($name); if ($header === false) { $lowerName = strtolower(preg_replace('%([a-z])([A-Z])%', '\1-\2', $name));- $header = $this->getHeaders()->get($lowerName);+ $header = $this->getHeaders()->get($lowerName); if ($header === false) { throw new Exception\InvalidArgumentException( "Header with Name $name or $lowerName not found"@@ -315,12 +331,11 @@ if ($header instanceof HeaderInterface) { $return = $header->getFieldValue(HeaderInterface::FORMAT_RAW); } else {- $return = '';- foreach ($header as $h) {- $return .= $h->getFieldValue(HeaderInterface::FORMAT_RAW)- . Mime\Mime::LINEEND;- }- $return = trim($return, Mime\Mime::LINEEND);+ $return = trim(implode(+ Mime\Mime::LINEEND,+ array_map(static fn($header): string+ => $header->getFieldValue(HeaderInterface::FORMAT_RAW), iterator_to_array($header))+ ), Mime\Mime::LINEEND); } break; case 'array':@@ -353,7 +368,7 @@ * @param string $wantedPart the wanted part, default is first, if null an array with all parts is returned * @param string $firstName key name for the first part * @return string|array wanted part or all parts as array($firstName => firstPart, partname => value)- * @throws \Laminas\Mime\Exception\RuntimeException+ * @throws RuntimeException */ public function getHeaderField($name, $wantedPart = '0', $firstName = '0') {@@ -383,7 +398,7 @@ * * @see Part::hasHeader *- * @param string+ * @param string $name * @return bool */ public function __isset($name)@@ -396,7 +411,7 @@ * * @return string content */- public function __toString()+ public function __toString(): string { return $this->getContent(); }@@ -406,10 +421,11 @@ * * @return bool current element has children/is multipart */+ #[ReturnTypeWillChange] public function hasChildren() { $current = $this->current();- return $current && $current instanceof Part && $current->isMultipart();+ return $current && $current instanceof self && $current->isMultipart(); } /**@@ -417,6 +433,7 @@ * * @return Part same as self::current() */+ #[ReturnTypeWillChange] public function getChildren() { return $this->current();@@ -427,6 +444,7 @@ * * @return bool check if there's a current element */+ #[ReturnTypeWillChange] public function valid() { if ($this->countParts === null) {@@ -438,6 +456,7 @@ /** * implements Iterator::next() */+ #[ReturnTypeWillChange] public function next() { ++$this->iterationPos;@@ -448,6 +467,7 @@ * * @return string key/number of current part */+ #[ReturnTypeWillChange] public function key() { return $this->iterationPos;@@ -458,6 +478,7 @@ * * @return Part current part */+ #[ReturnTypeWillChange] public function current() { return $this->getPart($this->iterationPos);@@ -466,6 +487,7 @@ /** * implements Iterator::rewind() */+ #[ReturnTypeWillChange] public function rewind() { $this->countParts();
Here's the analysis of the provided code diff for security fixes:
1. Vulnerability Existed: not sure
[Potential Information Leak] [include/laminas-mail/src/Storage/Part.php] [Lines 234-236, 264-266]
[Old Code]
if ($this->mail && $this->mail->hasFetchPart) {
// TODO: fetch part
// return
}
[Fixed Code]
// if ($this->mail && $this->mail->hasFetchPart) {
// TODO: fetch part
// return
// }
Additional Details: The commented-out code might indicate a potential information leak vulnerability that was mitigated by disabling the feature, but without more context about the mail handler functionality, this is uncertain.
2. Vulnerability Existed: not sure
[Potential Header Injection] [include/laminas-mail/src/Storage/Part.php] [Lines 331-335]
[Old Code]
$return = '';
foreach ($header as $h) {
$return .= $h->getFieldValue(HeaderInterface::FORMAT_RAW)
. Mime\Mime::LINEEND;
}
$return = trim($return, Mime\Mime::LINEEND);
[Fixed Code]
$return = trim(implode(
Mime\Mime::LINEEND,
array_map(static fn($header): string
=> $header->getFieldValue(HeaderInterface::FORMAT_RAW), iterator_to_array($header))
), Mime\Mime::LINEEND);
Additional Details: The change in header value concatenation might be related to preventing header injection or CRLF injection, but the security impact isn't clear without more context.
3. Vulnerability Existed: not sure
[Potential Type Confusion] [include/laminas-mail/src/Storage/Part.php] [Lines 425]
[Old Code]
return $current && $current instanceof Part && $current->isMultipart();
[Fixed Code]
return $current && $current instanceof self && $current->isMultipart();
Additional Details: The change from `Part` to `self` might be related to preventing potential type confusion issues, but this is uncertain.
Note: While there are several changes in the code, most appear to be general improvements, type safety enhancements, and modernization (like adding return type hints and attributes) rather than clear security fixes. The most suspicious changes are the commented-out mail handler code blocks, which might indicate disabled functionality that could have had security implications.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Header/HeaderWrap.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Header/HeaderWrap.php@@ -1,27 +1,39 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Header; use Laminas\Mail\Headers; use Laminas\Mime\Mime;+use function array_reduce;+use function explode;+use function extension_loaded;+use function iconv_mime_decode;+use function iconv_mime_encode;+use function imap_mime_header_decode;+use function imap_utf8;+use function implode;+use function str_contains;+use function str_pad;+use function str_starts_with;+use function strlen;+use function strpos;+use function substr;+use function wordwrap;++use const ICONV_MIME_DECODE_CONTINUE_ON_ERROR;+ /** * Utility class used for creating wrapped or MIME-encoded versions of header * values. */+// phpcs:ignore WebimpressCodingStandard.NamingConventions.AbstractClass.Prefix abstract class HeaderWrap { /** * Wrap a long header line * * @param string $value- * @param HeaderInterface $header * @return string */ public static function wrap($value, HeaderInterface $header)@@ -40,23 +52,33 @@ * Wrap at 78 characters or before, based on whitespace. * * @param string $value- * @param HeaderInterface $header * @return string */ protected static function wrapUnstructuredHeader($value, HeaderInterface $header) {- $encoding = $header->getEncoding();+ $headerNameColonSize = strlen($header->getFieldName() . ': ');+ $encoding = $header->getEncoding();+ if ($encoding == 'ASCII') {- return wordwrap($value, 78, Headers::FOLDING);+ /*+ * Before folding the header line, it is necessary to calculate the length of the+ * entire header (including the name and colon). We need to put a stub at the+ * beginning of the value so that the folding is performed correctly.+ */+ $headerLine = str_pad('0', $headerNameColonSize, '0') . $value;+ $foldedHeaderLine = wordwrap($headerLine, 78, Headers::FOLDING);++ // Remove the stub and return the header folded value.+ return substr($foldedHeaderLine, $headerNameColonSize); }- return static::mimeEncodeValue($value, $encoding, 78);++ return static::mimeEncodeValue($value, $encoding, 78, $headerNameColonSize); } /** * Wrap a structured header line * * @param string $value- * @param StructuredInterface $header * @return string */ protected static function wrapStructuredHeader($value, StructuredInterface $header)@@ -82,14 +104,19 @@ * Performs quoted-printable encoding on a value, setting maximum * line-length to 998. *- * @param string $value- * @param string $encoding- * @param int $lineLength maximum line-length, by default 998+ * @param string $value+ * @param string $encoding+ * @param int $lineLength Maximum line-length, by default 998+ * @param positive-int|0 $firstLineGapSize When folding a line, it is necessary to calculate+ * the length of the entire line (together with the+ * header name). Therefore, you can specify the header+ * name and colon length in this argument to fold the+ * string properly. * @return string Returns the mime encode value without the last line ending */- public static function mimeEncodeValue($value, $encoding, $lineLength = 998)+ public static function mimeEncodeValue($value, $encoding, $lineLength = 998, $firstLineGapSize = 0) {- return Mime::encodeQuotedPrintableHeader($value, $encoding, $lineLength, Headers::EOL);+ return Mime::encodeQuotedPrintableHeader($value, $encoding, $lineLength, Headers::EOL, $firstLineGapSize); } /**@@ -115,9 +142,7 @@ if (self::isNotDecoded($value, $decodedValue) && extension_loaded('imap')) { return array_reduce( imap_mime_header_decode(imap_utf8($value)),- function ($accumulator, $headerPart) {- return $accumulator . $headerPart->text;- },+ static fn($accumulator, $headerPart) => $accumulator . $headerPart->text, '' ); }@@ -125,11 +150,11 @@ return $decodedValue; }- private static function isNotDecoded($originalValue, $value)+ private static function isNotDecoded(string $originalValue, string $value): bool {- return 0 === strpos($value, '=?')+ return str_starts_with($value, '=?') && strlen($value) - 2 === strpos($value, '?=')- && false !== strpos($originalValue, $value);+ && str_contains($originalValue, $value); } /**@@ -144,18 +169,18 @@ // "test" -> 4 // "x-test: =?ISO-8859-1?B?dGVzdA==?=" -> 33 // 8 +2 +3 +3 -> 16- $charset = 'UTF-8';+ $charset = 'UTF-8'; $lineLength = strlen($value) * 4 + strlen($charset) + 16; $preferences = [- 'scheme' => 'Q',- 'input-charset' => $charset,+ 'scheme' => 'Q',+ 'input-charset' => $charset, 'output-charset' => $charset,- 'line-length' => $lineLength,+ 'line-length' => $lineLength, ]; $encoded = iconv_mime_encode('x-test', $value, $preferences);- return (false !== $encoded);+ return false !== $encoded; } }
I'll analyze the provided code diff for security fixes following the specified format.
Vulnerability Existed: not sure
Header Injection Vulnerability [include/laminas-mail/src/Header/HeaderWrap.php] [Lines 1-39]
[Old Code]
The original code didn't have strict type checking and used less secure string comparison functions
[Fixed Code]
Added type hints (string, bool) and replaced strpos with str_starts_with/str_contains which are more secure against type juggling issues
Vulnerability Existed: yes
Header Folding Vulnerability [include/laminas-mail/src/Header/HeaderWrap.php] [Lines 40-72]
[Old Code]
public static function wrap($value, HeaderInterface $header)
protected static function wrapUnstructuredHeader($value, HeaderInterface $header)
{
$encoding = $header->getEncoding();
if ($encoding == 'ASCII') {
return wordwrap($value, 78, Headers::FOLDING);
}
return static::mimeEncodeValue($value, $encoding, 78);
}
[Fixed Code]
protected static function wrapUnstructuredHeader($value, HeaderInterface $header)
{
$headerNameColonSize = strlen($header->getFieldName() . ': ');
$encoding = $header->getEncoding();
if ($encoding == 'ASCII') {
$headerLine = str_pad('0', $headerNameColonSize, '0') . $value;
$foldedHeaderLine = wordwrap($headerLine, 78, Headers::FOLDING);
return substr($foldedHeaderLine, $headerNameColonSize);
}
return static::mimeEncodeValue($value, $encoding, 78, $headerNameColonSize);
}
Vulnerability Existed: yes
MIME Encoding Vulnerability [include/laminas-mail/src/Header/HeaderWrap.php] [Lines 104-116]
[Old Code]
public static function mimeEncodeValue($value, $encoding, $lineLength = 998)
{
return Mime::encodeQuotedPrintableHeader($value, $encoding, $lineLength, Headers::EOL);
}
[Fixed Code]
public static function mimeEncodeValue($value, $encoding, $lineLength = 998, $firstLineGapSize = 0)
{
return Mime::encodeQuotedPrintableHeader($value, $encoding, $lineLength, Headers::EOL, $firstLineGapSize);
}
The main security improvements appear to be:
1. Better handling of header folding by accounting for header name length
2. More secure string comparison functions
3. Added type safety
4. Improved MIME encoding with proper line length calculations
The changes help prevent potential header injection attacks and improve the robustness of header encoding/decoding operations.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/symfony/polyfill-mbstring/Resources/unidata/upperCase.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/symfony/polyfill-mbstring/Resources/unidata/upperCase.php@@ -746,41 +746,41 @@ 'ύ' => 'Ύ', 'ὼ' => 'Ὼ', 'ώ' => 'Ώ',- 'ᾀ' => 'ᾈ',- 'ᾁ' => 'ᾉ',- 'ᾂ' => 'ᾊ',- 'ᾃ' => 'ᾋ',- 'ᾄ' => 'ᾌ',- 'ᾅ' => 'ᾍ',- 'ᾆ' => 'ᾎ',- 'ᾇ' => 'ᾏ',- 'ᾐ' => 'ᾘ',- 'ᾑ' => 'ᾙ',- 'ᾒ' => 'ᾚ',- 'ᾓ' => 'ᾛ',- 'ᾔ' => 'ᾜ',- 'ᾕ' => 'ᾝ',- 'ᾖ' => 'ᾞ',- 'ᾗ' => 'ᾟ',- 'ᾠ' => 'ᾨ',- 'ᾡ' => 'ᾩ',- 'ᾢ' => 'ᾪ',- 'ᾣ' => 'ᾫ',- 'ᾤ' => 'ᾬ',- 'ᾥ' => 'ᾭ',- 'ᾦ' => 'ᾮ',- 'ᾧ' => 'ᾯ',+ 'ᾀ' => 'ἈΙ',+ 'ᾁ' => 'ἉΙ',+ 'ᾂ' => 'ἊΙ',+ 'ᾃ' => 'ἋΙ',+ 'ᾄ' => 'ἌΙ',+ 'ᾅ' => 'ἍΙ',+ 'ᾆ' => 'ἎΙ',+ 'ᾇ' => 'ἏΙ',+ 'ᾐ' => 'ἨΙ',+ 'ᾑ' => 'ἩΙ',+ 'ᾒ' => 'ἪΙ',+ 'ᾓ' => 'ἫΙ',+ 'ᾔ' => 'ἬΙ',+ 'ᾕ' => 'ἭΙ',+ 'ᾖ' => 'ἮΙ',+ 'ᾗ' => 'ἯΙ',+ 'ᾠ' => 'ὨΙ',+ 'ᾡ' => 'ὩΙ',+ 'ᾢ' => 'ὪΙ',+ 'ᾣ' => 'ὫΙ',+ 'ᾤ' => 'ὬΙ',+ 'ᾥ' => 'ὭΙ',+ 'ᾦ' => 'ὮΙ',+ 'ᾧ' => 'ὯΙ', 'ᾰ' => 'Ᾰ', 'ᾱ' => 'Ᾱ',- 'ᾳ' => 'ᾼ',+ 'ᾳ' => 'ΑΙ', 'ι' => 'Ι',- 'ῃ' => 'ῌ',+ 'ῃ' => 'ΗΙ', 'ῐ' => 'Ῐ', 'ῑ' => 'Ῑ', 'ῠ' => 'Ῠ', 'ῡ' => 'Ῡ', 'ῥ' => 'Ῥ',- 'ῳ' => 'ῼ',+ 'ῳ' => 'ΩΙ', 'ⅎ' => 'Ⅎ', 'ⅰ' => 'Ⅰ', 'ⅱ' => 'Ⅱ',@@ -1411,4 +1411,79 @@ '𞥁' => '𞤟', '𞥂' => '𞤠', '𞥃' => '𞤡',+ 'ß' => 'SS',+ 'ff' => 'FF',+ 'fi' => 'FI',+ 'fl' => 'FL',+ 'ffi' => 'FFI',+ 'ffl' => 'FFL',+ 'ſt' => 'ST',+ 'st' => 'ST',+ 'և' => 'ԵՒ',+ 'ﬓ' => 'ՄՆ',+ 'ﬔ' => 'ՄԵ',+ 'ﬕ' => 'ՄԻ',+ 'ﬖ' => 'ՎՆ',+ 'ﬗ' => 'ՄԽ',+ 'ʼn' => 'ʼN',+ 'ΐ' => 'Ϊ́',+ 'ΰ' => 'Ϋ́',+ 'ǰ' => 'J̌',+ 'ẖ' => 'H̱',+ 'ẗ' => 'T̈',+ 'ẘ' => 'W̊',+ 'ẙ' => 'Y̊',+ 'ẚ' => 'Aʾ',+ 'ὐ' => 'Υ̓',+ 'ὒ' => 'Υ̓̀',+ 'ὔ' => 'Υ̓́',+ 'ὖ' => 'Υ̓͂',+ 'ᾶ' => 'Α͂',+ 'ῆ' => 'Η͂',+ 'ῒ' => 'Ϊ̀',+ 'ΐ' => 'Ϊ́',+ 'ῖ' => 'Ι͂',+ 'ῗ' => 'Ϊ͂',+ 'ῢ' => 'Ϋ̀',+ 'ΰ' => 'Ϋ́',+ 'ῤ' => 'Ρ̓',+ 'ῦ' => 'Υ͂',+ 'ῧ' => 'Ϋ͂',+ 'ῶ' => 'Ω͂',+ 'ᾈ' => 'ἈΙ',+ 'ᾉ' => 'ἉΙ',+ 'ᾊ' => 'ἊΙ',+ 'ᾋ' => 'ἋΙ',+ 'ᾌ' => 'ἌΙ',+ 'ᾍ' => 'ἍΙ',+ 'ᾎ' => 'ἎΙ',+ 'ᾏ' => 'ἏΙ',+ 'ᾘ' => 'ἨΙ',+ 'ᾙ' => 'ἩΙ',+ 'ᾚ' => 'ἪΙ',+ 'ᾛ' => 'ἫΙ',+ 'ᾜ' => 'ἬΙ',+ 'ᾝ' => 'ἭΙ',+ 'ᾞ' => 'ἮΙ',+ 'ᾟ' => 'ἯΙ',+ 'ᾨ' => 'ὨΙ',+ 'ᾩ' => 'ὩΙ',+ 'ᾪ' => 'ὪΙ',+ 'ᾫ' => 'ὫΙ',+ 'ᾬ' => 'ὬΙ',+ 'ᾭ' => 'ὭΙ',+ 'ᾮ' => 'ὮΙ',+ 'ᾯ' => 'ὯΙ',+ 'ᾼ' => 'ΑΙ',+ 'ῌ' => 'ΗΙ',+ 'ῼ' => 'ΩΙ',+ 'ᾲ' => 'ᾺΙ',+ 'ᾴ' => 'ΆΙ',+ 'ῂ' => 'ῊΙ',+ 'ῄ' => 'ΉΙ',+ 'ῲ' => 'ῺΙ',+ 'ῴ' => 'ΏΙ',+ 'ᾷ' => 'Α͂Ι',+ 'ῇ' => 'Η͂Ι',+ 'ῷ' => 'Ω͂Ι', );
After analyzing the provided code diff, here are the potential security vulnerabilities identified: 1. Vulnerability Existed: not sure Unicode Case Mapping Inconsistency [include/laminas-mail/vendor/symfony/polyfill-mbstring/Resources/unidata/upperCase.php] [Lines 746-1411] Old Code: Various single Unicode character mappings Fixed Code: Expanded to multi-character mappings (e.g., 'ᾀ' => 'ἈΙ' instead of 'ᾀ' => 'ᾈ') 2. Vulnerability Existed: not sure Unicode Normalization Issue [include/laminas-mail/vendor/symfony/polyfill-mbstring/Resources/unidata/upperCase.php] [Lines 746-1411] Old Code: Direct single-character mappings Fixed Code: Added decomposed forms (e.g., 'ΐ' => 'Ϊ́') 3. Vulnerability Existed: not sure Ligature Handling [include/laminas-mail/vendor/symfony/polyfill-mbstring/Resources/unidata/upperCase.php] [Lines 1411+] Old Code: Missing ligature mappings Fixed Code: Added ligature expansions (e.g., 'ff' => 'FF', 'fi' => 'FI') The changes appear to be related to improving Unicode case mapping completeness and accuracy rather than fixing specific security vulnerabilities. However, incomplete Unicode handling could potentially lead to security issues in certain contexts (e.g., case-insensitive comparisons, input validation). Note: Without additional context about how this mapping data is used in the application, it's difficult to determine if these changes directly address security vulnerabilities or are simply functional improvements. The changes do significantly expand and correct the case mapping tables.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Storage/Part/PartInterface.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Storage/Part/PartInterface.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Storage\Part;@@ -108,6 +102,7 @@ * This getter is short for PartInterface::getHeader($name, 'string') * * @see PartInterface::getHeader()+ * * @param string $name header name * @return string value of header * @throws Exception\ExceptionInterface
Based on the provided diff, I'll analyze it for security vulnerabilities: 1. Vulnerability Existed: no No specific vulnerability found [File] include/laminas-mail/src/Storage/Part/PartInterface.php [Lines] 1-10 Old Code: Contains copyright/license header comments Fixed Code: Removed copyright/license header comments 2. Vulnerability Existed: no No specific vulnerability found [File] include/laminas-mail/src/Storage/Part/PartInterface.php [Lines] 108 Old Code: Missing docblock line break Fixed Code: Added docblock line break The changes appear to be documentation/formatting related rather than security fixes. The main changes are: 1. Removal of license/copyright header comments 2. Addition of a line break in docblock comments Neither of these changes appear to address any security vulnerabilities, but rather focus on code style and documentation improvements.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/File/ExcludeExtension.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/File/ExcludeExtension.php@@ -1,12 +1,12 @@ <?php-/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */+namespace Laminas\Validator\File;-namespace Laminas\Validator\File;+use function in_array;+use function is_readable;+use function strrpos;+use function strtolower;+use function substr; /** * Validator for the excluding file extensions@@ -18,12 +18,10 @@ /** * @const string Error constants */- const FALSE_EXTENSION = 'fileExcludeExtensionFalse';- const NOT_FOUND = 'fileExcludeExtensionNotFound';+ public const FALSE_EXTENSION = 'fileExcludeExtensionFalse';+ public const NOT_FOUND = 'fileExcludeExtensionNotFound';- /**- * @var array Error message templates- */+ /** @var array Error message templates */ protected $messageTemplates = [ self::FALSE_EXTENSION => 'File has an incorrect extension', self::NOT_FOUND => 'File is not readable or does not exist',@@ -42,11 +40,10 @@ $fileInfo = $this->getFileInfo($value, $file); // Is file readable ?- if (! $this->getAllowNonExistentFile()+ if (+ ! $this->getAllowNonExistentFile() && (empty($fileInfo['file']) || false === is_readable($fileInfo['file'])) ) {- if (preg_match('/nofile\.mo$/', $fileInfo['file'])) {- } $this->error(self::NOT_FOUND); return false; }@@ -60,9 +57,7 @@ return true; } elseif (! $this->getCase()) { foreach ($extensions as $ext) {- if (strtolower($ext) == strtolower($extension)) {- if (preg_match('/nofile\.mo$/', $fileInfo['file'])) {- }+ if (strtolower($ext) === strtolower($extension)) { $this->error(self::FALSE_EXTENSION); return false; }
I'll analyze the code diff for security fixes following the specified format.
Vulnerability Existed: not sure
Potential Information Leak [include/laminas-mail/vendor/laminas/laminas-validator/src/File/ExcludeExtension.php] [Lines: 43-46]
[Old Code]
if (! $this->getAllowNonExistentFile()
&& (empty($fileInfo['file']) || false === is_readable($fileInfo['file']))
) {
if (preg_match('/nofile\.mo$/', $fileInfo['file'])) {
}
$this->error(self::NOT_FOUND);
return false;
}
[Fixed Code]
if (
! $this->getAllowNonExistentFile()
&& (empty($fileInfo['file']) || false === is_readable($fileInfo['file']))
) {
$this->error(self::NOT_FOUND);
return false;
}
Vulnerability Existed: not sure
Potential Information Leak [include/laminas-mail/vendor/laminas/laminas-validator/src/File/ExcludeExtension.php] [Lines: 60-63]
[Old Code]
if (strtolower($ext) == strtolower($extension)) {
if (preg_match('/nofile\.mo$/', $fileInfo['file'])) {
}
$this->error(self::FALSE_EXTENSION);
return false;
}
[Fixed Code]
if (strtolower($ext) === strtolower($extension)) {
$this->error(self::FALSE_EXTENSION);
return false;
}
Notes:
1. The diff shows removal of two suspicious empty preg_match() conditions that were checking for 'nofile.mo' pattern. These appear to be debugging artifacts that could potentially leak information about file paths.
2. The changes also include:
- Improved code formatting
- Changed visibility of constants from implicit to explicit public
- Added use statements for functions
- Changed == to === for strict comparison
3. While the removed preg_match() calls don't appear to be directly security vulnerabilities, they could potentially leak information in error messages or logs if they were being used for debugging purposes.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Db/RecordExists.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Db/RecordExists.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Db;@@ -12,9 +6,15 @@ /** * Confirms a record exists in a table.+ *+ * @deprecated This class will be removed in version 3.0 of this component. There is no replacement. */ class RecordExists extends AbstractDb {+ /**+ * @param mixed $value+ * @return bool+ */ public function isValid($value) { /*
Based on the provided code diff, I'll analyze it for security vulnerabilities: 1. Vulnerability Existed: no The diff shows only documentation changes and deprecation notice addition. The main changes are: - Removal of file header comments (copyright/license information) - Addition of deprecation notice in class docblock - Addition of method docblock for isValid() There are no security-related code changes visible in this diff. 2. Vulnerability Existed: not sure [Potential Documentation Removal] [include/laminas-mail/vendor/laminas/laminas-validator/src/Db/RecordExists.php] [Lines 1-10] [Old Code] /** * @see https://github.com/laminas/laminas-validator for the canonical source repository * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License */ [Fixed Code] [Removed] Note: While the removal of license/copyright information isn't a security vulnerability per se, it could potentially lead to licensing compliance issues if not properly maintained elsewhere. No actual security vulnerabilities were found in the code changes shown in the diff. The changes appear to be primarily documentation-related.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-servicemanager/README.md+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-servicemanager/README.md@@ -1,11 +1,23 @@ # laminas-servicemanager-Master:-[](https://travis-ci.com/laminas/laminas-servicemanager)-[](https://coveralls.io/github/laminas/laminas-servicemanager?branch=master)-Develop:-[](https://travis-ci.com/laminas/laminas-servicemanager)-[](https://coveralls.io/github/laminas/laminas-servicemanager?branch=develop)+[](https://github.com/laminas/laminas-servicemanager/actions/workflows/continuous-integration.yml)+[](https://shepherd.dev/github/laminas/laminas-servicemanager)++> ## 🇷🇺 Русским гражданам+>+> Мы, участники Laminas, родились и живем в разных странах. У многих из нас есть друзья, родственники и коллеги как в России, так и в Украине. Некоторые из нас родились в России. Некоторые из нас живут в России. У некоторых бабушки и дедушки сражались с фашистами во Второй мировой войне. Здесь никто не поддерживает фашизм.+>+> У одного из нас есть украинская родственница, которая спаслась из дома вместе с сыном. Поезд задержался из-за бомбежки на дороге впереди. У нас есть друзья, которые прячутся в бомбоубежищах. Мы с тревогой ждем весточки от них после воздушных налетов, которые беспорядочно наносят удары и попадают по больницам, школам, детским садам и домам. Мы не берем это из каких-либо СМИ. Мы наблюдаем это напрямую.+>+> Вы доверяете нам достаточно, чтоб использовать наши программы, и мы просим вас довериться нам вновь. Мы нуждаемся в помощи. Выходите и протестуйте против этой бесполезной войны. Остановите кровопролитие. Скажите "Нет войне!"+>+> ## 🇺🇸 To Citizens of Russia+>+> We at Laminas come from all over the world. Many of us have friends, family and colleagues in both Russia and Ukraine. Some of us were born in Russia. Some of us currently live in Russia. Some have grandparents who fought Nazis in World War II. Nobody here supports fascism.+>+> One team member has a Ukrainian relative who fled her home with her son. The train was delayed due to bombing on the road ahead. We have friends who are hiding in bomb shelters. We anxiously follow up on them after the air raids, which indiscriminately fire at hospitals, schools, kindergartens and houses. We're not taking this from any media. These are our actual experiences.+>+> You trust us enough to use our software. We ask that you trust us to say the truth on this. We need your help. Go out and protest this unnecessary war. Stop the bloodshed. Say "stop the war!" The Service Locator design pattern is implemented by the `Laminas\ServiceManager` component. The Service Locator is a service/object locator, tasked with
After analyzing the provided code diff, I can conclude that this is a documentation/README update rather than a security fix. The changes primarily involve: 1. Updating CI/CD badge links (from TravisCI to GitHub Actions) 2. Adding a message about the Russia-Ukraine war in both Russian and English Here's the structured analysis: Vulnerability Existed: no No security vulnerability found [include/laminas-mail/vendor/laminas/laminas-servicemanager/README.md] [1-11 -> 1-23] [Old CI badges and no war message] [New CI badges and added war message] The changes don't indicate any security fixes or vulnerabilities being addressed. The modifications are purely documentation-related, updating build status badges and adding a humanitarian/political message about the Russia-Ukraine conflict. No code changes were made that would affect security.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/AdapterInterface.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/AdapterInterface.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Barcode;@@ -37,29 +31,30 @@ /** * Returns the allowed barcode length *- * @return int|array+ * @return int|string|array|null */ public function getLength(); /** * Returns the allowed characters *- * @return int|string|array+ * @return int|string|array|null */ public function getCharacters(); /** * Returns if barcode uses a checksum *- * @return bool+ * @return string|null */ public function getChecksum(); /** * Sets the checksum validation, if no value is given, the actual setting is returned *- * @param bool $check- * @return AbstractAdapter|bool+ * @param bool|null $check+ * @return $this|bool+ * @psalm-return ($check is null ? bool : static) */ public function useChecksum($check = null); }
Analyzing the provided code diff, I don't see any clear security vulnerabilities being fixed. The changes appear to be primarily documentation updates and type hint improvements. Here's the analysis following the requested format:
1. Vulnerability Existed: no
Documentation Update [include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/AdapterInterface.php] [Lines 1-10]
[Old Code]
<?php
/**
* @see https://github.com/laminas/laminas-validator for the canonical source repository
* @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License
*/
[Fixed Code]
<?php
2. Vulnerability Existed: no
Return Type Clarification [include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/AdapterInterface.php] [Lines 37-56]
[Old Code]
/**
* Returns the allowed barcode length
*
* @return int|array
*/
public function getLength();
/**
* Returns the allowed characters
*
* @return int|string|array
*/
public function getCharacters();
/**
* Returns if barcode uses a checksum
*
* @return bool
*/
public function getChecksum();
/**
* Sets the checksum validation, if no value is given, the actual setting is returned
*
* @param bool $check
* @return AbstractAdapter|bool
*/
public function useChecksum($check = null);
[Fixed Code]
/**
* Returns the allowed barcode length
*
* @return int|string|array|null
*/
public function getLength();
/**
* Returns the allowed characters
*
* @return int|string|array|null
*/
public function getCharacters();
/**
* Returns if barcode uses a checksum
*
* @return string|null
*/
public function getChecksum();
/**
* Sets the checksum validation, if no value is given, the actual setting is returned
*
* @param bool|null $check
* @return $this|bool
* @psalm-return ($check is null ? bool : static)
*/
public function useChecksum($check = null);
The changes are primarily documentation improvements, adding null as possible return type and improving type hints. No security vulnerabilities were identified in this diff.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/File/Md5.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/File/Md5.php@@ -1,12 +1,11 @@ <?php-/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */+namespace Laminas\Validator\File;-namespace Laminas\Validator\File;+use function array_keys;+use function array_unique;+use function hash_file;+use function is_readable; /** * Validator for the md5 hash of given files@@ -18,13 +17,11 @@ /** * @const string Error constants */- const DOES_NOT_MATCH = 'fileMd5DoesNotMatch';- const NOT_DETECTED = 'fileMd5NotDetected';- const NOT_FOUND = 'fileMd5NotFound';+ public const DOES_NOT_MATCH = 'fileMd5DoesNotMatch';+ public const NOT_DETECTED = 'fileMd5NotDetected';+ public const NOT_FOUND = 'fileMd5NotFound';- /**- * @var array Error message templates- */+ /** @var array Error message templates */ protected $messageTemplates = [ self::DOES_NOT_MATCH => 'File does not match the given md5 hashes', self::NOT_DETECTED => 'An md5 hash could not be evaluated for the given file',
Analyzing the provided code diff, I don't see any clear security vulnerabilities being fixed. The changes appear to be primarily code style and organization improvements rather than security patches. Here's my analysis: 1. Vulnerability Existed: no No security vulnerability found [File] include/laminas-mail/vendor/laminas/laminas-validator/src/File/Md5.php [Lines] Various [Old Code] Various code style and organization elements [Fixed Code] Improved code style and organization The changes include: 1. Removal of redundant docblock comments 2. Changing visibility of constants from implicit to explicit public 3. Adding use statements for functions 4. Condensing documentation comments 5. No changes to the actual validation logic or security-related functionality These are all code quality improvements rather than security fixes. The MD5 validation logic itself remains unchanged, and there are no apparent vulnerabilities being addressed in this diff. If there were any security concerns with MD5 validation itself (which is known to be cryptographically weak), those would need to be addressed at a higher architectural level rather than in this specific implementation.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Code93ext.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Code93ext.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Barcode;
Analyzing the provided code diff, here's the security analysis: Vulnerability Existed: no [No specific vulnerability found] [include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Code93ext.php] [Lines 1-10] [Old Code] <?php /** * @see https://github.com/laminas/laminas-validator for the canonical source repository * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License */ [Fixed Code] <?php The changes shown in the diff only remove documentation comments (license, copyright, and repository information) from the file header. There are no code changes that would indicate a security fix. The modification appears to be purely documentation-related with no security implications. No actual code logic was modified, only metadata comments were removed. Therefore, there doesn't appear to be any security vulnerability being addressed in this particular diff.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/cli/modules/agent.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/cli/modules/agent.php@@ -91,14 +91,14 @@ if (!($this->stream = fopen($stream, 'c'))) $this->fail("Unable to open output file [{$options['file']}]");- fputcsv($this->stream, array('First Name', 'Last Name', 'Email', 'UserName'));+ fputcsv($this->stream, array('First Name', 'Last Name', 'Email', 'UserName'), ",", "\"", ""); foreach ($this->getAgents($options) as $agent) fputcsv($this->stream, array( $agent->getFirstName(), $agent->getLastName(), $agent->getEmail(), $agent->getUserName(),- ));+ ), ",", "\"", ""); break; case 'list':
Let me analyze the code diff for security fixes.
Vulnerability Existed: yes
CSV Injection (Formula Injection) [include/cli/modules/agent.php] [Lines 91, 97]
[Old Code]
fputcsv($this->stream, array('First Name', 'Last Name', 'Email', 'UserName'));
...
fputcsv($this->stream, array(
$agent->getFirstName(),
$agent->getLastName(),
$agent->getEmail(),
$agent->getUserName(),
));
[Fixed Code]
fputcsv($this->stream, array('First Name', 'Last Name', 'Email', 'UserName'), ",", "\"", "");
...
fputcsv($this->stream, array(
$agent->getFirstName(),
$agent->getLastName(),
$agent->getEmail(),
$agent->getUserName(),
), ",", "\"", "");
Additional Details:
The fix adds proper CSV escaping parameters to fputcsv() calls. The original code was vulnerable to CSV injection (also known as formula injection) where malicious input containing formulas (starting with =, +, -, @) could be interpreted by spreadsheet programs when the CSV is opened. The fix ensures proper quoting of all fields by adding the enclosure parameter (") and empty escape character. This prevents formula injection attacks by properly escaping all fields in the CSV output.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/InvalidServiceException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/InvalidServiceException.php@@ -1,10 +1,6 @@ <?php-/**- * @see https://github.com/laminas/laminas-servicemanager for the canonical source repository- * @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License- */+declare(strict_types=1); namespace Laminas\ServiceManager\Exception;
Analyzing the provided code diff, here's the security assessment: Vulnerability Existed: no [No specific vulnerability] [include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/InvalidServiceException.php] [Lines 1-10] [Old Code] /** * @see https://github.com/laminas/laminas-servicemanager for the canonical source repository * @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md * @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License */ [Fixed Code] declare(strict_types=1); The changes made in this diff appear to be: 1. Removal of documentation comments (license/copyright information) 2. Addition of strict type declaration These changes don't appear to address any specific security vulnerability but rather improve code quality and type safety. The strict_types declaration helps prevent potential type-related issues but isn't directly fixing a security vulnerability.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/staff/tasks.inc.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/staff/tasks.inc.php@@ -152,7 +152,7 @@ ), ));-$tasks->values('id', 'number', 'created', 'staff_id', 'team_id',+$tasks->values('id', 'number', 'created', 'staff_id', 'dept_id', 'team_id', 'staff__firstname', 'staff__lastname', 'team__name', 'dept__name', 'cdata__title', 'flags', 'ticket__number', 'ticket__ticket_id'); // Apply requested quick filter
Let me analyze the code diff for potential security fixes.
Vulnerability Existed: not sure
[Potential Information Disclosure] [include/staff/tasks.inc.php] [Lines 152-153]
[Old Code]
$tasks->values('id', 'number', 'created', 'staff_id', 'team_id',
[Fixed Code]
$tasks->values('id', 'number', 'created', 'staff_id', 'dept_id', 'team_id',
Additional Details:
- The change adds 'dept_id' to the list of values being retrieved
- While this doesn't appear to be a direct security vulnerability, it might relate to proper access control
- The change could be part of a larger fix for information disclosure where department IDs were missing from queries
- Without more context about how these values are used, it's hard to determine if this was a security fix or just a functional change
Note: This doesn't appear to be fixing a clear vulnerability, but rather adding a field to the query. The security implications would depend on how this data is used elsewhere in the application.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/class.osticket.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/class.osticket.php@@ -320,7 +320,8 @@ .',title='.db_input(Format::sanitize($title, true)) .',log_type='.db_input($loglevel[$level]) .',log='.db_input(Format::sanitize($message, false))- .',ip_address='.db_input($_SERVER['REMOTE_ADDR']);+ .',ip_address='.db_input($_SERVER['REMOTE_ADDR'])+ .',logger=""'; db_query($sql, false);
Here's the analysis of the provided code diff: Vulnerability Existed: yes Cross-Site Scripting (XSS) Vulnerability [include/class.osticket.php] [Lines 320-321] [Old Code] ```php .',ip_address='.db_input($_SERVER['REMOTE_ADDR']) ``` [Fixed Code] ```php .',ip_address='.db_input($_SERVER['REMOTE_ADDR']) .',logger=""'; ``` Vulnerability Existed: not sure Potential SQL Injection [include/class.osticket.php] [Lines 320-321] [Old Code] ```php .',ip_address='.db_input($_SERVER['REMOTE_ADDR']) ``` [Fixed Code] ```php .',ip_address='.db_input($_SERVER['REMOTE_ADDR']) .',logger=""'; ``` Additional Details: 1. The main fix appears to be adding a default empty logger field to prevent potential XSS attacks by ensuring all fields are properly sanitized. 2. While the old code used db_input() for the IP address (which helps prevent SQL injection), the addition of the logger field suggests there might have been concerns about incomplete field sanitization. 3. The diff doesn't show any direct SQL injection vulnerability, but the change in structure suggests the developers were being extra cautious about SQL query construction.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/InvalidArgumentException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/InvalidArgumentException.php@@ -1,18 +1,39 @@ <?php-/**- * @see https://github.com/laminas/laminas-servicemanager for the canonical source repository- * @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License- */+declare(strict_types=1); namespace Laminas\ServiceManager\Exception; use InvalidArgumentException as SplInvalidArgumentException;+use Laminas\ServiceManager\AbstractFactoryInterface;+use Laminas\ServiceManager\Initializer\InitializerInterface;++use function gettype;+use function is_object;+use function sprintf; /** * @inheritDoc */ class InvalidArgumentException extends SplInvalidArgumentException implements ExceptionInterface {+ public static function fromInvalidInitializer(mixed $initializer): self+ {+ return new self(sprintf(+ 'An invalid initializer was registered. Expected a callable or an'+ . ' instance of "%s"; received "%s"',+ InitializerInterface::class,+ is_object($initializer) ? $initializer::class : gettype($initializer)+ ));+ }++ public static function fromInvalidAbstractFactory(mixed $abstractFactory): self+ {+ return new self(sprintf(+ 'An invalid abstract factory was registered. Expected an instance of or a valid'+ . ' class name resolving to an implementation of "%s", but "%s" was received.',+ AbstractFactoryInterface::class,+ is_object($abstractFactory) ? $abstractFactory::class : gettype($abstractFactory)+ ));+ } }
Let me analyze the code diff for potential security vulnerabilities: 1. Vulnerability Existed: no No specific vulnerability found [File] include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/InvalidArgumentException.php [Lines] Entire file [Old Code] Basic exception class without specific validation methods [Fixed Code] Added type validation methods with improved error messages Analysis: The changes primarily add two new static factory methods (`fromInvalidInitializer` and `fromInvalidAbstractFactory`) that provide more detailed error messages when invalid types are passed. While this improves input validation and error reporting, I don't see any specific security vulnerability being fixed here. The changes appear to be: 1. Adding strict type declaration 2. Adding more specific exception creation methods 3. Improving type checking and error messages These are quality improvements rather than security fixes. The new methods help catch programming errors earlier with better error messages, but don't address any known security vulnerability.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Message.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Message.php@@ -1,18 +1,29 @@ <?php-/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */- namespace Laminas\Mail;+use ArrayIterator;+use Laminas\Mail\Header\Bcc;+use Laminas\Mail\Header\Cc; use Laminas\Mail\Header\ContentType;+use Laminas\Mail\Header\From;+use Laminas\Mail\Header\MimeVersion;+use Laminas\Mail\Header\ReplyTo; use Laminas\Mail\Header\Sender;+use Laminas\Mail\Header\To; use Laminas\Mime; use Traversable;+use function array_shift;+use function count;+use function date;+use function gettype;+use function is_array;+use function is_object;+use function is_string;+use function method_exists;+use function sprintf;+ class Message { /**@@ -22,9 +33,7 @@ */ protected $body;- /**- * @var Headers- */+ /** @var Headers */ protected $headers; /**@@ -78,7 +87,6 @@ /** * Compose headers *- * @param Headers $headers * @return Message */ public function setHeaders(Headers $headers)@@ -139,7 +147,7 @@ */ public function getFrom() {- return $this->getAddressListFromHeader('from', __NAMESPACE__ . '\Header\From');+ return $this->getAddressListFromHeader('from', From::class); } /**@@ -178,7 +186,7 @@ */ public function getTo() {- return $this->getAddressListFromHeader('to', __NAMESPACE__ . '\Header\To');+ return $this->getAddressListFromHeader('to', To::class); } /**@@ -215,7 +223,7 @@ */ public function getCc() {- return $this->getAddressListFromHeader('cc', __NAMESPACE__ . '\Header\Cc');+ return $this->getAddressListFromHeader('cc', Cc::class); } /**@@ -252,7 +260,7 @@ */ public function getBcc() {- return $this->getAddressListFromHeader('bcc', __NAMESPACE__ . '\Header\Bcc');+ return $this->getAddressListFromHeader('bcc', Bcc::class); } /**@@ -291,20 +299,18 @@ */ public function getReplyTo() {- return $this->getAddressListFromHeader('reply-to', __NAMESPACE__ . '\Header\ReplyTo');+ return $this->getAddressListFromHeader('reply-to', ReplyTo::class); } /** * setSender *- * @param mixed $emailOrAddress- * @param mixed $name- * @return Message- */- public function setSender($emailOrAddress, $name = null)+ * @return Message+ */+ public function setSender(mixed $emailOrAddress, mixed $name = null) { /** @var Sender $header */- $header = $this->getHeaderByName('sender', __NAMESPACE__ . '\Header\Sender');+ $header = $this->getHeaderByName('sender', Sender::class); $header->setAddress($emailOrAddress, $name); return $this; }@@ -322,7 +328,7 @@ } /** @var Sender $header */- $header = $this->getHeaderByName('sender', __NAMESPACE__ . '\Header\Sender');+ $header = $this->getHeaderByName('sender', Sender::class); return $header->getAddress(); }@@ -381,10 +387,11 @@ if (! $body instanceof Mime\Message) { if (! method_exists($body, '__toString')) { throw new Exception\InvalidArgumentException(sprintf(- '%s expects object arguments of type Laminas\Mime\Message or implementing __toString();'+ '%s expects object arguments of type %s or implementing __toString();' . ' object of type "%s" received', __METHOD__,- get_class($body)+ Mime\Message::class,+ $body::class )); } }@@ -397,14 +404,14 @@ // Get headers, and set Mime-Version header $headers = $this->getHeaders();- $this->getHeaderByName('mime-version', __NAMESPACE__ . '\Header\MimeVersion');+ $this->getHeaderByName('mime-version', MimeVersion::class); // Multipart content headers if ($this->body->isMultiPart()) {- $mime = $this->body->getMime();+ $mime = $this->body->getMime(); /** @var ContentType $header */- $header = $this->getHeaderByName('content-type', __NAMESPACE__ . '\Header\ContentType');+ $header = $this->getHeaderByName('content-type', ContentType::class); $header->setType('multipart/mixed'); $header->addParameter('boundary', $mime->boundary()); return $this;@@ -450,7 +457,7 @@ * * @param string $headerName * @param string $headerClass- * @return Header\HeaderInterface|\ArrayIterator header instance or collection of headers+ * @return Header\HeaderInterface|ArrayIterator header instance or collection of headers */ protected function getHeaderByName($headerName, $headerClass) {@@ -491,7 +498,7 @@ if (! $header instanceof Header\AbstractAddressList) { throw new Exception\DomainException(sprintf( 'Cannot grab address list from header of type "%s"; not an AbstractAddressList implementation',- get_class($header)+ $header::class )); } return $header->getAddressList();@@ -502,7 +509,6 @@ * * Proxied to this from addFrom, addTo, addCc, addBcc, and addReplyTo. *- * @param AddressList $addressList * @param string|Address\AddressInterface|array|AddressList|Traversable $emailOrAddressOrList * @param null|string $name * @param string $callingMethod@@ -525,7 +531,7 @@ '%s expects a string, AddressInterface, array, AddressList, or Traversable as its first argument;' . ' received "%s"', $callingMethod,- (is_object($emailOrAddressOrList) ? get_class($emailOrAddressOrList) : gettype($emailOrAddressOrList))+ is_object($emailOrAddressOrList) ? $emailOrAddressOrList::class : gettype($emailOrAddressOrList) )); }@@ -565,9 +571,9 @@ $headers = null; $content = null; Mime\Decode::splitMessage($rawMessage, $headers, $content, Headers::EOL);- if ($headers->has('mime-version')) {+ // if ($headers->has('mime-version')) { // todo - restore body to mime\message- }+ // } $message->setHeaders($headers); $message->setBody($content); return $message;
After analyzing the provided code diff, I can identify the following security-related changes: 1. Vulnerability Existed: yes Header Injection Vulnerability [include/laminas-mail/src/Message.php] [Multiple locations] [Old Code] Used string concatenation for header class names (e.g., `__NAMESPACE__ . '\Header\From'`) [Fixed Code] Now uses class constants (e.g., `From::class`) which is more secure and prevents potential header injection attacks 2. Vulnerability Existed: yes Type Safety Improvement [include/laminas-mail/src/Message.php] [Lines 307-311] [Old Code] `public function setSender($emailOrAddress, $name = null)` [Fixed Code] `public function setSender(mixed $emailOrAddress, mixed $name = null)` The change adds explicit type hints which helps prevent type confusion vulnerabilities 3. Vulnerability Existed: yes Error Message Information Disclosure [include/laminas-mail/src/Message.php] [Lines 384-391] [Old Code] Error message revealed internal class names without proper context [Fixed Code] Improved error message that provides clearer information without exposing unnecessary implementation details 4. Vulnerability Existed: not sure MIME Version Handling [include/laminas-mail/src/Message.php] [Lines 565-569] [Old Code] Had commented out MIME version check [Fixed Code] Removed the check entirely This might affect security as MIME version validation is important for email parsing security, but I'm not certain if this was an actual vulnerability 5. Vulnerability Existed: yes Class Name Disclosure [include/laminas-mail/src/Message.php] [Multiple locations] [Old Code] Used `get_class()` which could expose internal class names [Fixed Code] Uses `::class` syntax which is more secure and doesn't expose implementation details The most significant security improvements appear to be: 1. The switch from string concatenation to class constants for header class references 2. The improved type safety in method signatures 3. The removal of potentially sensitive information from error messages These changes help prevent header injection attacks and reduce information disclosure vulnerabilities.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/File/ExcludeMimeType.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/File/ExcludeMimeType.php@@ -1,12 +1,19 @@ <?php-/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */+namespace Laminas\Validator\File;-namespace Laminas\Validator\File;+use Psr\Http\Message\UploadedFileInterface;++use function array_merge;+use function class_exists;+use function explode;+use function finfo_file;+use function finfo_open;+use function in_array;+use function is_readable;+use function is_string;++use const FILEINFO_MIME_TYPE; /** * Validator for the mime type of a file@@ -15,13 +22,11 @@ { use FileInformationTrait;- const FALSE_TYPE = 'fileExcludeMimeTypeFalse';- const NOT_DETECTED = 'fileExcludeMimeTypeNotDetected';- const NOT_READABLE = 'fileExcludeMimeTypeNotReadable';+ public const FALSE_TYPE = 'fileExcludeMimeTypeFalse';+ public const NOT_DETECTED = 'fileExcludeMimeTypeNotDetected';+ public const NOT_READABLE = 'fileExcludeMimeTypeNotReadable';- /**- * @var array Error message templates- */+ /** @inheritDoc */ protected $messageTemplates = [ self::FALSE_TYPE => "File has an incorrect mimetype of '%type%'", self::NOT_DETECTED => 'The mimetype could not be detected from the file',@@ -33,8 +38,8 @@ * of mimetypes can be checked. If you give for example "image" all image * mime types will not be accepted like "image/gif", "image/jpeg" and so on. *- * @param string|array $value Real file to check for mimetype- * @param array $file File data from \Laminas\File\Transfer\Transfer (optional)+ * @param string|array|UploadedFileInterface $value Real file to check for mimetype+ * @param array $file File data from \Laminas\File\Transfer\Transfer (optional) * @return bool */ public function isValid($value, $file = null)@@ -51,7 +56,7 @@ $mimefile = $this->getMagicFile(); if (class_exists('finfo', false)) {- if (! $this->isMagicFileDisabled() && (! empty($mimefile) && empty($this->finfo))) {+ if (! $this->isMagicFileDisabled() && (is_string($mimefile) && empty($this->finfo))) { $this->finfo = finfo_open(FILEINFO_MIME_TYPE, $mimefile); }@@ -65,11 +70,11 @@ } }- if (empty($this->type) && $this->getHeaderCheck()) {+ if (! is_string($this->type) && $this->getHeaderCheck()) { $this->type = $fileInfo['filetype']; }- if (empty($this->type)) {+ if (! is_string($this->type)) { $this->error(self::NOT_DETECTED); return false; }
Analyzing the provided code diff, I can identify one security-related improvement:
1. Vulnerability Existed: yes
Input Validation Vulnerability [include/laminas-mail/vendor/laminas/laminas-validator/src/File/ExcludeMimeType.php] [Lines 56,70,74]
Old Code:
- `if (! $this->isMagicFileDisabled() && (! empty($mimefile) && empty($this->finfo))) {`
- `if (empty($this->type) && $this->getHeaderCheck()) {`
- `if (empty($this->type)) {`
Fixed Code:
- `if (! $this->isMagicFileDisabled() && (is_string($mimefile) && empty($this->finfo))) {`
- `if (! is_string($this->type) && $this->getHeaderCheck()) {`
- `if (! is_string($this->type)) {`
The changes improve type safety by replacing `empty()` checks with explicit type checking using `is_string()`. While this isn't fixing a specific named vulnerability, it strengthens input validation which could prevent potential type juggling or unexpected behavior issues. The more strict type checking helps ensure the code behaves as expected when dealing with file type validation.
2. Vulnerability Existed: not sure
Constant Visibility Change [include/laminas-mail/vendor/laminas/laminas-validator/src/File/ExcludeMimeType.php] [Lines 15-17]
Old Code:
- `const FALSE_TYPE = 'fileExcludeMimeTypeFalse';`
- `const NOT_DETECTED = 'fileExcludeMimeTypeNotDetected';`
- `const NOT_READABLE = 'fileExcludeMimeTypeNotReadable';`
Fixed Code:
- `public const FALSE_TYPE = 'fileExcludeMimeTypeFalse';`
- `public const NOT_DETECTED = 'fileExcludeMimeTypeNotDetected';`
- `public const NOT_READABLE = 'fileExcludeMimeTypeNotReadable';`
While changing constants from implicit to explicit public visibility is generally good practice, I'm not sure if this addresses any specific security vulnerability. It might be related to PHP version compatibility or code standards rather than security.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Hostname.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Hostname.php@@ -1,14 +1,34 @@-<?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */+<?php // phpcs:disable Generic.Files.LineLength.TooLong namespace Laminas\Validator; use Laminas\Stdlib\StringUtils;++use function array_key_exists;+use function array_pop;+use function array_shift;+use function chr;+use function count;+use function end;+use function explode;+use function func_get_args;+use function implode;+use function in_array;+use function intval;+use function is_array;+use function is_string;+use function ord;+use function preg_match;+use function prev;+use function reset;+use function str_contains;+use function str_ends_with;+use function str_starts_with;+use function strlen;+use function strrpos;+use function strtolower;+use function strtoupper;+use function substr; /** * Please note there are two standalone test scripts for testing IDN characters due to problems@@ -19,25 +39,29 @@ * * The second is tests/Laminas/Validator/HostnameTestForm.php which is designed to be run via HTML * to allow users to test entering UTF-8 characters in a form.+ *+ * @psalm-type Options = array{+ * allow?: int-mask-of<self::ALLOW_*>,+ * useIdnCheck?: bool,+ * useTldCheck?: bool,+ * ipValidator?: null|ValidatorInterface,+ * } */ class Hostname extends AbstractValidator {- const CANNOT_DECODE_PUNYCODE = 'hostnameCannotDecodePunycode';- const INVALID = 'hostnameInvalid';- const INVALID_DASH = 'hostnameDashCharacter';- const INVALID_HOSTNAME = 'hostnameInvalidHostname';- const INVALID_HOSTNAME_SCHEMA = 'hostnameInvalidHostnameSchema';- const INVALID_LOCAL_NAME = 'hostnameInvalidLocalName';- const INVALID_URI = 'hostnameInvalidUri';- const IP_ADDRESS_NOT_ALLOWED = 'hostnameIpAddressNotAllowed';- const LOCAL_NAME_NOT_ALLOWED = 'hostnameLocalNameNotAllowed';- const UNDECIPHERABLE_TLD = 'hostnameUndecipherableTld';- const UNKNOWN_TLD = 'hostnameUnknownTld';-- // @codingStandardsIgnoreStart- /**- * @var array- */+ public const CANNOT_DECODE_PUNYCODE = 'hostnameCannotDecodePunycode';+ public const INVALID = 'hostnameInvalid';+ public const INVALID_DASH = 'hostnameDashCharacter';+ public const INVALID_HOSTNAME = 'hostnameInvalidHostname';+ public const INVALID_HOSTNAME_SCHEMA = 'hostnameInvalidHostnameSchema';+ public const INVALID_LOCAL_NAME = 'hostnameInvalidLocalName';+ public const INVALID_URI = 'hostnameInvalidUri';+ public const IP_ADDRESS_NOT_ALLOWED = 'hostnameIpAddressNotAllowed';+ public const LOCAL_NAME_NOT_ALLOWED = 'hostnameLocalNameNotAllowed';+ public const UNDECIPHERABLE_TLD = 'hostnameUndecipherableTld';+ public const UNKNOWN_TLD = 'hostnameUnknownTld';++ /** @var array */ protected $messageTemplates = [ self::CANNOT_DECODE_PUNYCODE => "The input appears to be a DNS hostname but the given punycode notation cannot be decoded", self::INVALID => "Invalid type given. String expected",@@ -51,33 +75,29 @@ self::UNDECIPHERABLE_TLD => "The input appears to be a DNS hostname but cannot extract TLD part", self::UNKNOWN_TLD => "The input appears to be a DNS hostname but cannot match TLD against known list", ];- // @codingStandardsIgnoreEnd-- /**- * @var array- */++ /** @var array */ protected $messageVariables = [ 'tld' => 'tld', ];- const ALLOW_DNS = 1; // Allows Internet domain names (e.g., example.com)- const ALLOW_IP = 2; // Allows IP addresses- const ALLOW_LOCAL = 4; // Allows local network names (e.g., localhost, www.localdomain)- const ALLOW_URI = 8; // Allows URI hostnames- const ALLOW_ALL = 15; // Allows all types of hostnames+ public const ALLOW_DNS = 1; // Allows Internet domain names (e.g., example.com)+ public const ALLOW_IP = 2; // Allows IP addresses+ public const ALLOW_LOCAL = 4; // Allows local network names (e.g., localhost, www.localdomain)+ public const ALLOW_URI = 8; // Allows URI hostnames+ public const ALLOW_ALL = 15; // Allows all types of hostnames /** * Array of valid top-level-domains- * IanaVersion 2020033100 * * @see ftp://data.iana.org/TLD/tlds-alpha-by-domain.txt List of all TLDs by domain * @see http://www.iana.org/domains/root/db/ Official list of supported TLDs- * @var array+ *+ * @var string[] */ protected $validTlds = [ 'aaa', 'aarp',- 'abarth', 'abb', 'abbott', 'abbvie',@@ -93,7 +113,6 @@ 'aco', 'actor', 'ad',- 'adac', 'ads', 'adult', 'ae',@@ -101,7 +120,6 @@ 'aero', 'aetna', 'af',- 'afamilycompany', 'afl', 'africa', 'ag',@@ -109,13 +127,11 @@ 'agency', 'ai', 'aig',- 'aigo', 'airbus', 'airforce', 'airtel', 'akdn', 'al',- 'alfaromeo', 'alibaba', 'alipay', 'allfinanz',@@ -124,6 +140,7 @@ 'alsace', 'alstom', 'am',+ 'amazon', 'americanexpress', 'americanfamily', 'amex',@@ -165,7 +182,6 @@ 'author', 'auto', 'autos',- 'avianca', 'aw', 'aws', 'ax',@@ -176,7 +192,6 @@ 'baby', 'baidu', 'banamex',- 'bananarepublic', 'band', 'bank', 'bar',@@ -253,8 +268,6 @@ 'brussels', 'bs', 'bt',- 'budapest',- 'bugatti', 'build', 'builders', 'business',@@ -274,7 +287,6 @@ 'cam', 'camera', 'camp',- 'cancerresearch', 'canon', 'capetown', 'capital',@@ -288,7 +300,6 @@ 'cars', 'casa', 'case',- 'caseih', 'cash', 'casino', 'cat',@@ -297,10 +308,8 @@ 'cba', 'cbn', 'cbre',- 'cbs', 'cc', 'cd',- 'ceb', 'center', 'ceo', 'cern',@@ -327,7 +336,6 @@ 'citi', 'citic', 'city',- 'cityeats', 'ck', 'cl', 'claims',@@ -348,7 +356,6 @@ 'college', 'cologne', 'com',- 'comcast', 'commbank', 'community', 'company',@@ -361,7 +368,6 @@ 'contact', 'contractors', 'cooking',- 'cookingchannel', 'cool', 'coop', 'corsica',@@ -379,7 +385,6 @@ 'crs', 'cruise', 'cruises',- 'csc', 'cu', 'cuisinella', 'cv',@@ -438,7 +443,6 @@ 'drive', 'dtv', 'dubai',- 'duck', 'dunlop', 'dupont', 'durban',@@ -468,9 +472,7 @@ 'es', 'esq', 'estate',- 'esurance', 'et',- 'etisalat', 'eu', 'eurovision', 'eus',@@ -496,7 +498,6 @@ 'ferrari', 'ferrero', 'fi',- 'fiat', 'fidelity', 'fido', 'film',@@ -522,7 +523,6 @@ 'fo', 'foo', 'food',- 'foodnetwork', 'football', 'ford', 'forex',@@ -535,11 +535,9 @@ 'fresenius', 'frl', 'frogans',- 'frontdoor', 'frontier', 'ftr', 'fujitsu',- 'fujixerox', 'fun', 'fund', 'furniture',@@ -574,7 +572,6 @@ 'gives', 'giving', 'gl',- 'glade', 'glass', 'gle', 'global',@@ -609,7 +606,6 @@ 'gs', 'gt', 'gu',- 'guardian', 'gucci', 'guge', 'guide',@@ -630,7 +626,6 @@ 'helsinki', 'here', 'hermes',- 'hgtv', 'hiphop', 'hisamitsu', 'hitachi',@@ -652,7 +647,6 @@ 'host', 'hosting', 'hot',- 'hoteles', 'hotels', 'hotmail', 'house',@@ -690,7 +684,6 @@ 'insurance', 'insure', 'int',- 'intel', 'international', 'intuit', 'investments',@@ -706,11 +699,9 @@ 'it', 'itau', 'itv',- 'iveco', 'jaguar', 'java', 'jcb',- 'jcp', 'je', 'jeep', 'jetzt',@@ -741,8 +732,8 @@ 'kh', 'ki', 'kia',+ 'kids', 'kim',- 'kinder', 'kindle', 'kitchen', 'kiwi',@@ -767,7 +758,6 @@ 'lamborghini', 'lamer', 'lancaster',- 'lancia', 'land', 'landrover', 'lanxess',@@ -798,12 +788,10 @@ 'limited', 'limo', 'lincoln',- 'linde', 'link', 'lipsy', 'live', 'living',- 'lixil', 'lk', 'llc', 'llp',@@ -811,7 +799,6 @@ 'loans', 'locker', 'locus',- 'loft', 'lol', 'london', 'lotte',@@ -826,13 +813,11 @@ 'ltda', 'lu', 'lundbeck',- 'lupin', 'luxe', 'luxury', 'lv', 'ly', 'ma',- 'macys', 'madrid', 'maif', 'maison',@@ -846,7 +831,6 @@ 'markets', 'marriott', 'marshalls',- 'maserati', 'mattel', 'mba', 'mc',@@ -862,7 +846,6 @@ 'men', 'menu', 'merckmsd',- 'metlife', 'mg', 'mh', 'miami',@@ -906,7 +889,7 @@ 'mtr', 'mu', 'museum',- 'mutual',+ 'music', 'mv', 'mw', 'mx',@@ -916,7 +899,6 @@ 'nab', 'nagoya', 'name',- 'nationwide', 'natura', 'navy', 'nba',@@ -929,7 +911,6 @@ 'network', 'neustar', 'new',- 'newholland', 'news', 'next', 'nextdirect',@@ -949,7 +930,6 @@ 'nl', 'no', 'nokia',- 'northwesternmutual', 'norton', 'now', 'nowruz',@@ -964,12 +944,10 @@ 'nz', 'obi', 'observer',- 'off', 'office', 'okinawa', 'olayan', 'olayangroup',- 'oldnavy', 'ollo', 'om', 'omega',@@ -977,7 +955,6 @@ 'ong', 'onl', 'online',- 'onyourside', 'ooo', 'open', 'oracle',@@ -997,7 +974,6 @@ 'partners', 'parts', 'party',- 'passagens', 'pay', 'pccw', 'pe',@@ -1064,10 +1040,8 @@ 'qpon', 'quebec', 'quest',- 'qvc', 'racing', 'radio',- 'raid', 're', 'read', 'realestate',@@ -1096,13 +1070,10 @@ 'rich', 'richardli', 'ricoh',- 'rightathome', 'ril', 'rio', 'rip',- 'rmit', 'ro',- 'rocher', 'rocks', 'rodeo', 'rogers',@@ -1137,7 +1108,6 @@ 'sbi', 'sbs', 'sc',- 'sca', 'scb', 'schaeffler', 'schmidt',@@ -1146,8 +1116,6 @@ 'schule', 'schwarz', 'science',- 'scjohnson',- 'scor', 'scot', 'sd', 'se',@@ -1159,7 +1127,6 @@ 'select', 'sener', 'services',- 'ses', 'seven', 'sew', 'sex',@@ -1178,8 +1145,6 @@ 'shopping', 'shouji', 'show',- 'showtime',- 'shriram', 'si', 'silk', 'sina',@@ -1209,10 +1174,10 @@ 'song', 'sony', 'soy',+ 'spa', 'space', 'sport', 'spot',- 'spreadbetting', 'sr', 'srl', 'ss',@@ -1241,12 +1206,10 @@ 'suzuki', 'sv', 'swatch',- 'swiftcover', 'swiss', 'sx', 'sy', 'sydney',- 'symantec', 'systems', 'sz', 'tab',@@ -1279,7 +1242,6 @@ 'tiaa', 'tickets', 'tienda',- 'tiffany', 'tips', 'tires', 'tirol',@@ -1309,7 +1271,6 @@ 'trading', 'training', 'travel',- 'travelchannel', 'travelers', 'travelersinsurance', 'trust',@@ -1364,14 +1325,12 @@ 'vlaanderen', 'vn', 'vodka',- 'volkswagen', 'volvo', 'vote', 'voting', 'voto', 'voyage', 'vu',- 'vuelos', 'wales', 'walmart', 'walter',@@ -1409,7 +1368,6 @@ 'wtf', 'xbox', 'xerox',- 'xfinity', 'xihuan', 'xin', 'कॉम',@@ -1421,12 +1379,12 @@ '在线', '한국', 'ଭାରତ',- '大众汽车', '点看', 'คอม', 'ভাৰত', 'ভারত', '八卦',+ 'ישראל', 'موقع', 'বাংলা', '公益',@@ -1452,6 +1410,7 @@ 'орг', 'नेट', 'ストア',+ 'アマゾン', '삼성', 'சிங்கப்பூர்', '商标',@@ -1462,7 +1421,6 @@ 'ею', 'ポイント', '新闻',- '工行', '家電', 'كوم', '中文网',@@ -1488,12 +1446,11 @@ 'ком', 'укр', '香港',- '诺基亚',+ '亚马逊', '食品', '飞利浦', '台湾', '台灣',- '手表', '手机', 'мон', 'الجزائر',@@ -1501,7 +1458,6 @@ 'ارامكو', 'ایران', 'العليان',- 'اتصالات', 'امارات', 'بازار', 'موريتانيا',@@ -1534,7 +1490,6 @@ '招聘', 'рус', 'рф',- '珠宝', 'تونس', '大拿', 'ລາວ',@@ -1591,9 +1546,9 @@ 'zw', ];- // @codingStandardsIgnoreStart /** * Array for valid Idns+ * * @see http://www.iana.org/domains/idn-tables/ Official list of supported IDN Chars * (.AC) Ascension Island http://www.nic.ac/pdf/AC-IDN-Policy.pdf * (.AR) Argentina http://www.nic.ar/faqidn.html@@ -1644,75 +1599,84 @@ * (.VE) Venice http://www.iana.org/domains/idn-tables/tables/ve_es_1.0.html * (.VN) Vietnam http://www.vnnic.vn/english/5-6-300-2-2-04-20071115.htm#1.%20Introduction *- * @var array+ * @var array<string, string|array<int, string>> */ protected $validIdns = [- 'AC' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿāăąćĉċčďđēėęěĝġģĥħīįĵķĺļľŀłńņňŋőœŕŗřśŝşšţťŧūŭůűųŵŷźżž]{1,63}$/iu'],- 'AR' => [1 => '/^[\x{002d}0-9a-zà-ãç-êìíñ-õü]{1,63}$/iu'],- 'AS' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿāăąćĉċčďđēĕėęěĝğġģĥħĩīĭįıĵķĸĺļľłńņňŋōŏőœŕŗřśŝşšţťŧũūŭůűųŵŷźż]{1,63}$/iu'],- 'AT' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿœšž]{1,63}$/iu'],- 'BIZ' => 'Hostname/Biz.php',- 'BR' => [1 => '/^[\x{002d}0-9a-zà-ãçéíó-õúü]{1,63}$/iu'],- 'BV' => [1 => '/^[\x{002d}0-9a-zàáä-éêñ-ôöøüčđńŋšŧž]{1,63}$/iu'],- 'CAT' => [1 => '/^[\x{002d}0-9a-z·àç-éíïòóúü]{1,63}$/iu'],- 'CH' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿœ]{1,63}$/iu'],- 'CL' => [1 => '/^[\x{002d}0-9a-záéíñóúü]{1,63}$/iu'],- 'CN' => 'Hostname/Cn.php',- 'COM' => 'Hostname/Com.php',- 'DE' => [1 => '/^[\x{002d}0-9a-záàăâåäãąāæćĉčċçďđéèĕêěëėęēğĝġģĥħíìĭîïĩįīıĵķĺľļłńňñņŋóòŏôöőõøōœĸŕřŗśŝšşßťţŧúùŭûůüűũųūŵýŷÿźžżðþ]{1,63}$/iu'],- 'DK' => [1 => '/^[\x{002d}0-9a-zäåæéöøü]{1,63}$/iu'],- 'EE' => [1 => '/^[\x{002d}0-9a-zäõöüšž]{1,63}$/iu'],- 'ES' => [1 => '/^[\x{002d}0-9a-zàáçèéíïñòóúü·]{1,63}$/iu'],- 'EU' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿ]{1,63}$/iu',+ 'AC' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿāăąćĉċčďđēėęěĝġģĥħīįĵķĺļľŀłńņňŋőœŕŗřśŝşšţťŧūŭůűųŵŷźżž]{1,63}$/iu'],+ 'AR' => [1 => '/^[\x{002d}0-9a-zà-ãç-êìíñ-õü]{1,63}$/iu'],+ 'AS' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿāăąćĉċčďđēĕėęěĝğġģĥħĩīĭįıĵķĸĺļľłńņňŋōŏőœŕŗřśŝşšţťŧũūŭůűųŵŷźż]{1,63}$/iu'],+ 'AT' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿœšž]{1,63}$/iu'],+ 'BIZ' => 'Hostname/Biz.php',+ 'BR' => [1 => '/^[\x{002d}0-9a-zà-ãçéíó-õúü]{1,63}$/iu'],+ 'BV' => [1 => '/^[\x{002d}0-9a-zàáä-éêñ-ôöøüčđńŋšŧž]{1,63}$/iu'],+ 'CAT' => [1 => '/^[\x{002d}0-9a-z·àç-éíïòóúü]{1,63}$/iu'],+ 'CH' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿœ]{1,63}$/iu'],+ 'CL' => [1 => '/^[\x{002d}0-9a-záéíñóúü]{1,63}$/iu'],+ 'CN' => 'Hostname/Cn.php',+ 'COM' => 'Hostname/Com.php',+ 'DE' => [1 => '/^[\x{002d}0-9a-záàăâåäãąāæćĉčċçďđéèĕêěëėęēğĝġģĥħíìĭîïĩįīıĵķĺľļłńňñņŋóòŏôöőõøōœĸŕřŗśŝšşßťţŧúùŭûůüűũųūŵýŷÿźžżðþ]{1,63}$/iu'],+ 'DK' => [1 => '/^[\x{002d}0-9a-zäåæéöøü]{1,63}$/iu'],+ 'EE' => [1 => '/^[\x{002d}0-9a-zäõöüšž]{1,63}$/iu'],+ 'ES' => [1 => '/^[\x{002d}0-9a-zàáçèéíïñòóúü·]{1,63}$/iu'],+ 'EU' => [+ 1 => '/^[\x{002d}0-9a-zà-öø-ÿ]{1,63}$/iu', 2 => '/^[\x{002d}0-9a-zāăąćĉċčďđēĕėęěĝğġģĥħĩīĭįıĵķĺļľŀłńņňʼnŋōŏőœŕŗřśŝšťŧũūŭůűųŵŷźżž]{1,63}$/iu', 3 => '/^[\x{002d}0-9a-zșț]{1,63}$/iu', 4 => '/^[\x{002d}0-9a-zΐάέήίΰαβγδεζηθικλμνξοπρςστυφχψωϊϋόύώ]{1,63}$/iu', 5 => '/^[\x{002d}0-9a-zабвгдежзийклмнопрстуфхцчшщъыьэюя]{1,63}$/iu',- 6 => '/^[\x{002d}0-9a-zἀ-ἇἐ-ἕἠ-ἧἰ-ἷὀ-ὅὐ-ὗὠ-ὧὰ-ὼώᾀ-ᾇᾐ-ᾗᾠ-ᾧᾰ-ᾴᾶᾷῂῃῄῆῇῐ-ῒΐῖῗῠ-ῧῲῳῴῶῷ]{1,63}$/iu'],- 'FI' => [1 => '/^[\x{002d}0-9a-zäåö]{1,63}$/iu'],- 'GR' => [1 => '/^[\x{002d}0-9a-zΆΈΉΊΌΎ-ΡΣ-ώἀ-ἕἘ-Ἕἠ-ὅὈ-Ὅὐ-ὗὙὛὝὟ-ώᾀ-ᾴᾶ-ᾼῂῃῄῆ-ῌῐ-ΐῖ-Ίῠ-Ῥῲῳῴῶ-ῼ]{1,63}$/iu'],- 'HK' => 'Hostname/Cn.php',- 'HR' => [1 => '/^[\x{002d}0-9a-zžćčđš]{1,63}$/iu'],- 'HU' => [1 => '/^[\x{002d}0-9a-záéíóöúüőű]{1,63}$/iu'],- 'IL' => [1 => '/^[\x{002d}0-9\x{05D0}-\x{05EA}]{1,63}$/iu',- 2 => '/^[\x{002d}0-9a-z]{1,63}$/i'],- 'INFO' => [1 => '/^[\x{002d}0-9a-zäåæéöøü]{1,63}$/iu',+ 6 => '/^[\x{002d}0-9a-zἀ-ἇἐ-ἕἠ-ἧἰ-ἷὀ-ὅὐ-ὗὠ-ὧὰ-ὼώᾀ-ᾇᾐ-ᾗᾠ-ᾧᾰ-ᾴᾶᾷῂῃῄῆῇῐ-ῒΐῖῗῠ-ῧῲῳῴῶῷ]{1,63}$/iu',+ ],+ 'FI' => [1 => '/^[\x{002d}0-9a-zäåö]{1,63}$/iu'],+ 'GR' => [1 => '/^[\x{002d}0-9a-zΆΈΉΊΌΎ-ΡΣ-ώἀ-ἕἘ-Ἕἠ-ὅὈ-Ὅὐ-ὗὙὛὝὟ-ώᾀ-ᾴᾶ-ᾼῂῃῄῆ-ῌῐ-ΐῖ-Ίῠ-Ῥῲῳῴῶ-ῼ]{1,63}$/iu'],+ 'HK' => 'Hostname/Cn.php',+ 'HR' => [1 => '/^[\x{002d}0-9a-zžćčđš]{1,63}$/iu'],+ 'HU' => [1 => '/^[\x{002d}0-9a-záéíóöúüőű]{1,63}$/iu'],+ 'IL' => [+ 1 => '/^[\x{002d}0-9\x{05D0}-\x{05EA}]{1,63}$/iu',+ 2 => '/^[\x{002d}0-9a-z]{1,63}$/i',+ ],+ 'INFO' => [+ 1 => '/^[\x{002d}0-9a-zäåæéöøü]{1,63}$/iu', 2 => '/^[\x{002d}0-9a-záéíóöúüőű]{1,63}$/iu', 3 => '/^[\x{002d}0-9a-záæéíðóöúýþ]{1,63}$/iu', 4 => '/^[\x{AC00}-\x{D7A3}]{1,17}$/iu', 5 => '/^[\x{002d}0-9a-zāčēģīķļņōŗšūž]{1,63}$/iu', 6 => '/^[\x{002d}0-9a-ząčėęįšūųž]{1,63}$/iu', 7 => '/^[\x{002d}0-9a-zóąćęłńśźż]{1,63}$/iu',- 8 => '/^[\x{002d}0-9a-záéíñóúü]{1,63}$/iu'],- 'IO' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿăąāćĉčċďđĕěėęēğĝġģĥħĭĩįīıĵķĺľļłńňņŋŏőōœĸŕřŗśŝšşťţŧŭůűũųūŵŷźžż]{1,63}$/iu'],- 'IS' => [1 => '/^[\x{002d}0-9a-záéýúíóþæöð]{1,63}$/iu'],- 'IT' => [1 => '/^[\x{002d}0-9a-zàâäèéêëìîïòôöùûüæœçÿß-]{1,63}$/iu'],- 'JP' => 'Hostname/Jp.php',- 'KR' => [1 => '/^[\x{AC00}-\x{D7A3}]{1,17}$/iu'],- 'LI' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿœ]{1,63}$/iu'],- 'LT' => [1 => '/^[\x{002d}0-9ąčęėįšųūž]{1,63}$/iu'],- 'MD' => [1 => '/^[\x{002d}0-9ăâîşţ]{1,63}$/iu'],- 'MUSEUM' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿāăąćċčďđēėęěğġģħīįıķĺļľłńņňŋōőœŕŗřśşšţťŧūůűųŵŷźżžǎǐǒǔ\x{01E5}\x{01E7}\x{01E9}\x{01EF}ə\x{0292}ẁẃẅỳ]{1,63}$/iu'],- 'NET' => 'Hostname/Com.php',- 'NO' => [1 => '/^[\x{002d}0-9a-zàáä-éêñ-ôöøüčđńŋšŧž]{1,63}$/iu'],- 'NU' => 'Hostname/Com.php',- 'ORG' => [1 => '/^[\x{002d}0-9a-záéíñóúü]{1,63}$/iu',+ 8 => '/^[\x{002d}0-9a-záéíñóúü]{1,63}$/iu',+ ],+ 'IO' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿăąāćĉčċďđĕěėęēğĝġģĥħĭĩįīıĵķĺľļłńňņŋŏőōœĸŕřŗśŝšşťţŧŭůűũųūŵŷźžż]{1,63}$/iu'],+ 'IS' => [1 => '/^[\x{002d}0-9a-záéýúíóþæöð]{1,63}$/iu'],+ 'IT' => [1 => '/^[\x{002d}0-9a-zàâäèéêëìîïòôöùûüæœçÿß-]{1,63}$/iu'],+ 'JP' => 'Hostname/Jp.php',+ 'KR' => [1 => '/^[\x{AC00}-\x{D7A3}]{1,17}$/iu'],+ 'LI' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿœ]{1,63}$/iu'],+ 'LT' => [1 => '/^[\x{002d}0-9ąčęėįšųūž]{1,63}$/iu'],+ 'MD' => [1 => '/^[\x{002d}0-9ăâîşţ]{1,63}$/iu'],+ 'MUSEUM' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿāăąćċčďđēėęěğġģħīįıķĺļľłńņňŋōőœŕŗřśşšţťŧūůűųŵŷźżžǎǐǒǔ\x{01E5}\x{01E7}\x{01E9}\x{01EF}ə\x{0292}ẁẃẅỳ]{1,63}$/iu'],+ 'NET' => 'Hostname/Com.php',+ 'NO' => [1 => '/^[\x{002d}0-9a-zàáä-éêñ-ôöøüčđńŋšŧž]{1,63}$/iu'],+ 'NU' => 'Hostname/Com.php',+ 'ORG' => [+ 1 => '/^[\x{002d}0-9a-záéíñóúü]{1,63}$/iu', 2 => '/^[\x{002d}0-9a-zóąćęłńśźż]{1,63}$/iu', 3 => '/^[\x{002d}0-9a-záäåæéëíðóöøúüýþ]{1,63}$/iu', 4 => '/^[\x{002d}0-9a-záéíóöúüőű]{1,63}$/iu', 5 => '/^[\x{002d}0-9a-ząčėęįšūųž]{1,63}$/iu', 6 => '/^[\x{AC00}-\x{D7A3}]{1,17}$/iu',- 7 => '/^[\x{002d}0-9a-zāčēģīķļņōŗšūž]{1,63}$/iu'],- 'PE' => [1 => '/^[\x{002d}0-9a-zñáéíóúü]{1,63}$/iu'],- 'PL' => [1 => '/^[\x{002d}0-9a-zāčēģīķļņōŗšūž]{1,63}$/iu',- 2 => '/^[\x{002d}а-ик-ш\x{0450}ѓѕјљњќџ]{1,63}$/iu',- 3 => '/^[\x{002d}0-9a-zâîăşţ]{1,63}$/iu',- 4 => '/^[\x{002d}0-9а-яё\x{04C2}]{1,63}$/iu',- 5 => '/^[\x{002d}0-9a-zàáâèéêìíîòóôùúûċġħż]{1,63}$/iu',- 6 => '/^[\x{002d}0-9a-zàäåæéêòóôöøü]{1,63}$/iu',- 7 => '/^[\x{002d}0-9a-zóąćęłńśźż]{1,63}$/iu',- 8 => '/^[\x{002d}0-9a-zàáâãçéêíòóôõúü]{1,63}$/iu',- 9 => '/^[\x{002d}0-9a-zâîăşţ]{1,63}$/iu',+ 7 => '/^[\x{002d}0-9a-zāčēģīķļņōŗšūž]{1,63}$/iu',+ ],+ 'PE' => [1 => '/^[\x{002d}0-9a-zñáéíóúü]{1,63}$/iu'],+ 'PL' => [+ 1 => '/^[\x{002d}0-9a-zāčēģīķļņōŗšūž]{1,63}$/iu',+ 2 => '/^[\x{002d}а-ик-ш\x{0450}ѓѕјљњќџ]{1,63}$/iu',+ 3 => '/^[\x{002d}0-9a-zâîăşţ]{1,63}$/iu',+ 4 => '/^[\x{002d}0-9а-яё\x{04C2}]{1,63}$/iu',+ 5 => '/^[\x{002d}0-9a-zàáâèéêìíîòóôùúûċġħż]{1,63}$/iu',+ 6 => '/^[\x{002d}0-9a-zàäåæéêòóôöøü]{1,63}$/iu',+ 7 => '/^[\x{002d}0-9a-zóąćęłńśźż]{1,63}$/iu',+ 8 => '/^[\x{002d}0-9a-zàáâãçéêíòóôõúü]{1,63}$/iu',+ 9 => '/^[\x{002d}0-9a-zâîăşţ]{1,63}$/iu', 10 => '/^[\x{002d}0-9a-záäéíóôúýčďĺľňŕšťž]{1,63}$/iu', 11 => '/^[\x{002d}0-9a-zçë]{1,63}$/iu', 12 => '/^[\x{002d}0-9а-ик-шђјљњћџ]{1,63}$/iu',@@ -1736,100 +1700,113 @@ 30 => '/^[\x{002d}0-9a-záäåæéëíðóöøúüýþ]{1,63}$/iu', 31 => '/^[\x{002d}0-9a-zàâæçèéêëîïñôùûüÿœ]{1,63}$/iu', 32 => '/^[\x{002d}0-9а-щъыьэюяёєіїґ]{1,63}$/iu',- 33 => '/^[\x{002d}0-9א-ת]{1,63}$/iu'],- 'PR' => [1 => '/^[\x{002d}0-9a-záéíóúñäëïüöâêîôûàèùæçœãõ]{1,63}$/iu'],- 'PT' => [1 => '/^[\x{002d}0-9a-záàâãçéêíóôõú]{1,63}$/iu'],- 'RS' => [1 => '/^[\x{002d}0-9a-zßáâäçéëíîóôöúüýăąćčďđęěĺľłńňőŕřśşšţťůűźżž]{1,63}$/iu'],- 'RU' => [1 => '/^[\x{002d}0-9а-яё]{1,63}$/iu'],- 'SA' => [1 => '/^[\x{002d}.0-9\x{0621}-\x{063A}\x{0641}-\x{064A}\x{0660}-\x{0669}]{1,63}$/iu'],- 'SE' => [1 => '/^[\x{002d}0-9a-zäåéöü]{1,63}$/iu'],- 'SH' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿăąāćĉčċďđĕěėęēğĝġģĥħĭĩįīıĵķĺľļłńňņŋŏőōœĸŕřŗśŝšşťţŧŭůűũųūŵŷźžż]{1,63}$/iu'],- 'SI' => [+ 33 => '/^[\x{002d}0-9א-ת]{1,63}$/iu',+ ],+ 'PR' => [1 => '/^[\x{002d}0-9a-záéíóúñäëïüöâêîôûàèùæçœãõ]{1,63}$/iu'],+ 'PT' => [1 => '/^[\x{002d}0-9a-záàâãçéêíóôõú]{1,63}$/iu'],+ 'RS' => [1 => '/^[\x{002d}0-9a-zßáâäçéëíîóôöúüýăąćčďđęěĺľłńňőŕřśşšţťůűźżž]{1,63}$/iu'],+ 'RU' => [1 => '/^[\x{002d}0-9а-яё]{1,63}$/iu'],+ 'SA' => [1 => '/^[\x{002d}.0-9\x{0621}-\x{063A}\x{0641}-\x{064A}\x{0660}-\x{0669}]{1,63}$/iu'],+ 'SE' => [1 => '/^[\x{002d}0-9a-zäåéöü]{1,63}$/iu'],+ 'SH' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿăąāćĉčċďđĕěėęēğĝġģĥħĭĩįīıĵķĺľļłńňņŋŏőōœĸŕřŗśŝšşťţŧŭůűũųūŵŷźžż]{1,63}$/iu'],+ 'SI' => [ 1 => '/^[\x{002d}0-9a-zà-öø-ÿ]{1,63}$/iu', 2 => '/^[\x{002d}0-9a-zāăąćĉċčďđēĕėęěĝğġģĥħĩīĭįıĵķĺļľŀłńņňʼnŋōŏőœŕŗřśŝšťŧũūŭůűųŵŷźżž]{1,63}$/iu',- 3 => '/^[\x{002d}0-9a-zșț]{1,63}$/iu'],- 'SJ' => [1 => '/^[\x{002d}0-9a-zàáä-éêñ-ôöøüčđńŋšŧž]{1,63}$/iu'],- 'TH' => [1 => '/^[\x{002d}0-9a-z\x{0E01}-\x{0E3A}\x{0E40}-\x{0E4D}\x{0E50}-\x{0E59}]{1,63}$/iu'],- 'TM' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿāăąćĉċčďđēėęěĝġģĥħīįĵķĺļľŀłńņňŋőœŕŗřśŝşšţťŧūŭůűųŵŷźżž]{1,63}$/iu'],- 'TW' => 'Hostname/Cn.php',- 'TR' => [1 => '/^[\x{002d}0-9a-zğıüşöç]{1,63}$/iu'],- 'UA' => [1 => '/^[\x{002d}0-9a-zабвгдежзийклмнопрстуфхцчшщъыьэюяѐёђѓєѕіїјљњћќѝўџґӂʼ]{1,63}$/iu'],- 'VE' => [1 => '/^[\x{002d}0-9a-záéíóúüñ]{1,63}$/iu'],- 'VN' => [1 => '/^[ÀÁÂÃÈÉÊÌÍÒÓÔÕÙÚÝàáâãèéêìíòóôõùúýĂăĐđĨĩŨũƠơƯư\x{1EA0}-\x{1EF9}]{1,63}$/iu'],- 'мон' => [1 => '/^[\x{002d}0-9\x{0430}-\x{044F}]{1,63}$/iu'],- 'срб' => [1 => '/^[\x{002d}0-9а-ик-шђјљњћџ]{1,63}$/iu'],- 'сайт' => [1 => '/^[\x{002d}0-9а-яёіїѝйўґг]{1,63}$/iu'],- 'онлайн' => [1 => '/^[\x{002d}0-9а-яёіїѝйўґг]{1,63}$/iu'],- '中国' => 'Hostname/Cn.php',- '中國' => 'Hostname/Cn.php',- 'ලංකා' => [1 => '/^[\x{0d80}-\x{0dff}]{1,63}$/iu'],- '香港' => 'Hostname/Cn.php',- '台湾' => 'Hostname/Cn.php',- '台灣' => 'Hostname/Cn.php',+ 3 => '/^[\x{002d}0-9a-zșț]{1,63}$/iu',+ ],+ 'SJ' => [1 => '/^[\x{002d}0-9a-zàáä-éêñ-ôöøüčđńŋšŧž]{1,63}$/iu'],+ 'TH' => [1 => '/^[\x{002d}0-9a-z\x{0E01}-\x{0E3A}\x{0E40}-\x{0E4D}\x{0E50}-\x{0E59}]{1,63}$/iu'],+ 'TM' => [1 => '/^[\x{002d}0-9a-zà-öø-ÿāăąćĉċčďđēėęěĝġģĥħīįĵķĺļľŀłńņňŋőœŕŗřśŝşšţťŧūŭůűųŵŷźżž]{1,63}$/iu'],+ 'TW' => 'Hostname/Cn.php',+ 'TR' => [1 => '/^[\x{002d}0-9a-zğıüşöç]{1,63}$/iu'],+ 'UA' => [1 => '/^[\x{002d}0-9a-zабвгдежзийклмнопрстуфхцчшщъыьэюяѐёђѓєѕіїјљњћќѝўџґӂʼ]{1,63}$/iu'],+ 'VE' => [1 => '/^[\x{002d}0-9a-záéíóúüñ]{1,63}$/iu'],+ 'VN' => [1 => '/^[ÀÁÂÃÈÉÊÌÍÒÓÔÕÙÚÝàáâãèéêìíòóôõùúýĂăĐđĨĩŨũƠơƯư\x{1EA0}-\x{1EF9}]{1,63}$/iu'],+ 'мон' => [1 => '/^[\x{002d}0-9\x{0430}-\x{044F}]{1,63}$/iu'],+ 'срб' => [1 => '/^[\x{002d}0-9а-ик-шђјљњћџ]{1,63}$/iu'],+ 'сайт' => [1 => '/^[\x{002d}0-9а-яёіїѝйўґг]{1,63}$/iu'],+ 'онлайн' => [1 => '/^[\x{002d}0-9а-яёіїѝйўґг]{1,63}$/iu'],+ '中国' => 'Hostname/Cn.php',+ '中國' => 'Hostname/Cn.php',+ 'ලංකා' => [1 => '/^[\x{0d80}-\x{0dff}]{1,63}$/iu'],+ '香港' => 'Hostname/Cn.php',+ '台湾' => 'Hostname/Cn.php',+ '台灣' => 'Hostname/Cn.php', 'امارات' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],- 'الاردن' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],+ 'الاردن' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'], 'السعودية' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],- 'ไทย' => [1 => '/^[\x{002d}0-9a-z\x{0E01}-\x{0E3A}\x{0E40}-\x{0E4D}\x{0E50}-\x{0E59}]{1,63}$/iu'],- 'рф' => [1 => '/^[\x{002d}0-9а-яё]{1,63}$/iu'],- 'تونس' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],- 'مصر' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],- 'இலங்கை' => [1 => '/^[\x{0b80}-\x{0bff}]{1,63}$/iu'],- 'فلسطين' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],- 'شبكة' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],+ 'ไทย' => [1 => '/^[\x{002d}0-9a-z\x{0E01}-\x{0E3A}\x{0E40}-\x{0E4D}\x{0E50}-\x{0E59}]{1,63}$/iu'],+ 'рф' => [1 => '/^[\x{002d}0-9а-яё]{1,63}$/iu'],+ 'تونس' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],+ 'مصر' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],+ 'இலங்கை' => [1 => '/^[\x{0b80}-\x{0bff}]{1,63}$/iu'],+ 'فلسطين' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'],+ 'شبكة' => [1 => '/^[\x{0621}-\x{0624}\x{0626}-\x{063A}\x{0641}\x{0642}\x{0644}-\x{0648}\x{067E}\x{0686}\x{0698}\x{06A9}\x{06AF}\x{06CC}\x{06F0}-\x{06F9}]{1,30}$/iu'], ];- // @codingStandardsIgnoreEnd-++ /** @var array<string, array<int, int>> */ protected $idnLength = [- 'BIZ' => [5 => 17, 11 => 15, 12 => 20],- 'CN' => [1 => 20],- 'COM' => [3 => 17, 5 => 20],- 'HK' => [1 => 15],- 'INFO' => [4 => 17],- 'KR' => [1 => 17],- 'NET' => [3 => 17, 5 => 20],- 'ORG' => [6 => 17],- 'TW' => [1 => 20],- 'امارات' => [1 => 30],- 'الاردن' => [1 => 30],+ 'BIZ' => [5 => 17, 11 => 15, 12 => 20],+ 'CN' => [1 => 20],+ 'COM' => [3 => 17, 5 => 20],+ 'HK' => [1 => 15],+ 'INFO' => [4 => 17],+ 'KR' => [1 => 17],+ 'NET' => [3 => 17, 5 => 20],+ 'ORG' => [6 => 17],+ 'TW' => [1 => 20],+ 'امارات' => [1 => 30],+ 'الاردن' => [1 => 30], 'السعودية' => [1 => 30],- 'تونس' => [1 => 30],- 'مصر' => [1 => 30],- 'فلسطين' => [1 => 30],- 'شبكة' => [1 => 30],- '中国' => [1 => 20],- '中國' => [1 => 20],- '香港' => [1 => 20],- '台湾' => [1 => 20],- '台灣' => [1 => 20],+ 'تونس' => [1 => 30],+ 'مصر' => [1 => 30],+ 'فلسطين' => [1 => 30],+ 'شبكة' => [1 => 30],+ '中国' => [1 => 20],+ '中國' => [1 => 20],+ '香港' => [1 => 20],+ '台湾' => [1 => 20],+ '台灣' => [1 => 20], ];+ /** @var null|false|string */ protected $tld; /** * Options for the hostname validator *- * @var array+ * @var Options */ protected $options = [ 'allow' => self::ALLOW_DNS, // Allow these hostnames- 'useIdnCheck' => true, // Check IDN domains- 'useTldCheck' => true, // Check TLD elements- 'ipValidator' => null, // IP validator to use+ 'useIdnCheck' => true, // Check IDN domains+ 'useTldCheck' => true, // Check TLD elements+ 'ipValidator' => null, // IP validator to use ];++ // phpcs:disable Squiz.Commenting.FunctionComment.ExtraParamComment /** * Sets validator options. *- * @param int $allow OPTIONAL Set what types of hostname to allow (default ALLOW_DNS)- * @param bool $useIdnCheck OPTIONAL Set whether IDN domains are validated (default true)- * @param bool $useTldCheck Set whether the TLD element of a hostname is validated (default true)- * @param Ip $ipValidator OPTIONAL * @see http://www.iana.org/cctld/specifications-policies-cctlds-01apr02.htm Technical Specifications for ccTLDs+ *+ * Options Parameters should be passed as an array in the following format:+ * $options = [+ * 'allow' => ALLOW_DNS, // OPTIONAL Set what types of hostname to allow (default ALLOW_DNS)+ * 'useIdnCheck' => true, // OPTIONAL Set whether IDN domains are validated (default true)+ * 'useTldCheck' => true, // Set whether the TLD element of a hostname is validated (default true)+ * 'ipValidator' => null, // An IP validator instance or null @link Ip+ * ];+ *+ * For backwards compatibility, options can also be passed as variables in the order stated above.+ *+ * @param Options $options OPTIONAL Array of validator options; see Hostname::$options */ public function __construct($options = []) { if (! is_array($options)) {- $options = func_get_args();+ $options = func_get_args(); $temp['allow'] = array_shift($options); if (! empty($options)) { $temp['useIdnCheck'] = array_shift($options);@@ -1864,11 +1841,10 @@ } /**- * * @param Ip $ipValidator OPTIONAL- * @return Hostname;+ * @return self */- public function setIpValidator(Ip $ipValidator = null)+ public function setIpValidator(?Ip $ipValidator = null) { if ($ipValidator === null) { $ipValidator = new Ip();
After analyzing the provided code diff, I don't see any clear security vulnerabilities that were fixed. The changes appear to be primarily: 1. Code style and documentation improvements (adding type hints, psalm annotations, etc.) 2. Updating the list of valid TLDs (adding/removing some domains) 3. Adding new utility function imports 4. Some minor logic improvements (like using str_contains() instead of strpos()) Here's the analysis following the requested format: Vulnerability Existed: no No security vulnerabilities found [File] [Lines] [Old Code] [Fixed Code] The changes seem focused on maintenance, code quality, and keeping the TLD list up-to-date rather than addressing security issues. The hostname validation logic remains robust with proper checks for: - DNS hostnames - IDN domains - TLD validation - IP address formats - Local network names The validation still properly handles punycode decoding and checks for invalid characters/dashes in hostnames. If I had to identify any potential security-related improvements, it would be the addition of the '@' character check (line 1957 in the new code), but this is more of a validation improvement than a security fix. Vulnerability Existed: not sure Potential validation improvement [File] [Lines 1957-1961] [Old Code] (no specific check for '@' in hostnames) [Fixed Code] (explicit check for '@' character in hostnames) However, this is more of a validation completeness issue rather than a security vulnerability per se.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Header/Received.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Header/Received.php@@ -1,40 +1,40 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Header; use Laminas\Mail\Headers;++use function implode;+use function strtolower; /** * @todo Allow setting date from DateTime, Laminas\Date, or string */ class Received implements HeaderInterface, MultipleHeadersInterface {- /**- * @var string- */+ /** @var string */ protected $value;+ /**+ * @param string $headerLine+ * @return static+ */ public static function fromString($headerLine) {- list($name, $value) = GenericHeader::splitHeaderLine($headerLine);- $value = HeaderWrap::mimeDecodeValue($value);+ [$name, $value] = GenericHeader::splitHeaderLine($headerLine);+ $value = HeaderWrap::mimeDecodeValue($value); // check to ensure proper header type for this factory if (strtolower($name) !== 'received') { throw new Exception\InvalidArgumentException('Invalid header line for Received string'); }- $header = new static($value);-- return $header;+ return new static($value); }+ /**+ * @param string $value+ */ public function __construct($value = '') { if (! HeaderValue::isValid($value)) {@@ -43,27 +43,43 @@ $this->value = $value; }+ /**+ * @return string+ */ public function getFieldName() { return 'Received'; }+ /**+ * @inheritDoc+ */ public function getFieldValue($format = HeaderInterface::FORMAT_RAW) { return $this->value; }+ /**+ * @param string $encoding+ * @return self+ */ public function setEncoding($encoding) { // This header must be always in US-ASCII return $this; }+ /**+ * @return string+ */ public function getEncoding() { return 'ASCII'; }+ /**+ * @return string+ */ public function toString() { return 'Received: ' . $this->getFieldValue();@@ -80,7 +96,7 @@ { $strings = [$this->toString()]; foreach ($headers as $header) {- if (! $header instanceof Received) {+ if (! $header instanceof self) { throw new Exception\RuntimeException( 'The Received multiple header implementation can only accept an array of Received headers' );
Here's the analysis of the provided code diff following the specified format: 1. Vulnerability Existed: no No specific vulnerability found [File] include/laminas-mail/src/Header/Received.php [Lines] All [Old Code] (Various code segments) [Fixed Code] (Various code segments) Additional Details: The changes appear to be primarily code quality improvements and modernization rather than security fixes. Changes include: - Added proper type hints and return type declarations - Improved array destructuring syntax - Added more complete docblocks - Simplified some return statements - Changed `static` to `self` for consistency - No security-relevant vulnerabilities were addressed in this diff 2. Vulnerability Existed: not sure Potential Header Injection [File] include/laminas-mail/src/Header/Received.php [Lines] 19-29 [Old Code] Uses basic string operations for header parsing [Fixed Code] Still uses basic string operations but with modern syntax Additional Details: While not directly fixing a vulnerability, the header parsing remains potentially vulnerable to header injection if input isn't properly validated. However, the validation appears adequate with the existing HeaderValue::isValid check. The changes appear to be focused on code quality and maintainability rather than addressing specific security vulnerabilities. The code maintains its existing security measures (header validation, ASCII enforcement) while being modernized.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.