From d59cbfef5d8a78da55e4c1919862e9e3968b3715 Mon Sep 17 00:00:00 2001
From: Deon George
Date: Thu, 11 Jan 2024 09:23:54 +1100
Subject: [PATCH] Fix XSS vulnerability, when import is using a file upload without a valid LDIF. Also fixes #250 and closes #251
---
 htdocs/import.php | 2 +-
 lib/Template.php | 2 ++
 lib/import_functions.php | 4 +++-
 3 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/htdocs/import.php b/htdocs/import.php
index 22d7ee2d..f87fa24e 100644
--- a/htdocs/import.php
+++ b/htdocs/import.php
@@ -103,7 +103,7 @@ function display_pla_parse_error($request) {
 printf('%s:',_('Data'));
 foreach ($request->error['data'] as $line)
- printf(' %s',$line);
+ printf(' %s',htmlspecialchars($line));
 echo '';
 echo '';
diff --git a/lib/Template.php b/lib/Template.php
index 96e184f7..9eb3a88b 100644
--- a/lib/Template.php
+++ b/lib/Template.php
@@ -660,6 +660,8 @@ public function getDN() {
 # If container is not set, we're probably creating the base
 elseif ($this->getRDN() && get_request('create_base'))
 return $this->getRDN();
+
+ return '';
 }
 public function getDNEncode($url=true) {
diff --git a/lib/import_functions.php b/lib/import_functions.php
index 84177215..685676f8 100644
--- a/lib/import_functions.php
+++ b/lib/import_functions.php
@@ -175,7 +175,9 @@ public function readEntry() {
 return $this->error(sprintf('%s %s',_('LDIF import only suppports version 1'),$version),$lines);
 $haveVersion = true;
- $lines = $this->nextLines();
+
+ if (! $lines)
+ $lines = $this->nextLines();
 }
 $server = $this->getServer();
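Review bot: The escaping added on the `+ printf` line calls htmlspecialchars() with its default flags, so on PHP before 8.1 it leaves single quotes unescaped and, for a line that is not valid UTF-8, returns an empty string — which silently drops that line from the error display, on the very code path that exists to show malformed upload content. Pass the flags and charset explicitly: `printf(' %s',htmlspecialchars($line, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));`. The other fields of `$request->error` that display_pla_parse_error() prints are outside this hunk; if any of them also carries text from the uploaded file it needs the same treatment, which I cannot confirm from here. display_pla_parse_error() starts and ends outside the hunk.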
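Review bot: The added `return '';` makes getDN() return an empty string where it previously fell off the end and yielded null, so any caller that tests the result with `is_null()` or `=== null` instead of truthiness would now take the other branch; the callers are not visible in this hunk, so that is worth a grep before merging. The new fallthrough also deserves a line in the method's docblock, e.g. `@return string The DN, or '' when neither a container nor an RDN with create_base is available`. getDN() begins outside the hunk.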
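Review bot: The new `if (! $lines)` guard relies on the truthiness of whatever the earlier read left in `$lines`, which is fine for an empty array but would also skip the read if nextLines() can return false or null at end of input — the hunk does not show what nextLines() returns, so a `@return` on it or a comment here would settle that. The reason for the guard is not stated; a one-line comment such as `# Only read ahead when the block holding the version line contained nothing else` would help, assuming that is the actual intent. As a side note, the unchanged message on the context line spells 'suppports' with three p's and is user-visible through _(). readEntry() continues outside the hunk.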