Onex系列产品越权漏洞修复处理(shopex)

Onex ecstore及b2b2c越权漏洞修复方式:
漏洞描述:部分功能点可能导致系统越权漏洞

bbc越权漏洞手动修复方式如下:


diff --git a/app/ectools/lib/payment/api.php b/app/ectools/lib/payment/api.php
index 3789157..155f989 100644
--- a/app/ectools/lib/payment/api.php
+++ b/app/ectools/lib/payment/api.php
@@ -73,6 +73,8 @@ class ectools_payment_api
 
         logger::info("支付返回信息记录:".var_export($arrQueryStrs,1));
         $payments = new $class_name($objShopApp);
+        if(! $payments instanceof ectools_payment_app)
+            throw LogicException('Plugin Error!');
         $ret = $payments->$method($arrQueryStrs);
         logger::info("支付返回信息转换之后记录:".var_export($ret,1));
         // 支付结束,回调服务.
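Review bot: `throw LogicException('Plugin Error!');` on the second added line is missing `new`, so PHP parses `LogicException(...)` as a function call and the request dies with an undefined-function fatal error rather than the intended exception; it should read `throw new LogicException('Plugin Error!');`. The guard also runs after `new $class_name($objShopApp)` has already executed, so whatever constructor `$class_name` resolves to runs before the type check rejects it; validating the name first, `if (!class_exists($class_name) || !is_subclass_of($class_name, 'ectools_payment_app')) throw new LogicException('Plugin Error!');` placed above the `new`, closes that window. The same check-after-instantiation ordering is present in the ecstore hunk and the trustlogin hunk below. The enclosing method of ectools_payment_api continues outside the hunk.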

ecstore越权漏洞手动修复方式如下:


diff --git a/app/ectools/lib/payment/api.php b/app/ectools/lib/payment/api.php
index 79b0fb6..f1e29b8 100644
--- a/app/ectools/lib/payment/api.php
+++ b/app/ectools/lib/payment/api.php
@@ -76,6 +76,7 @@ class ectools_payment_api
 
         logger::info("支付返回信息记录:".var_export($arrQueryStrs,1));
                $payments_bill = new $class_name($objShopApp);
+        if(! $payments_bill instanceof ectools_payment_app) exit('Plugin Error');
                $ret = $payments_bill->$method($arrQueryStrs);
         logger::info("支付返回信息转换之后记录:".var_export($ret,1));
                // 支付结束,回调服务.
 
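Review bot: `exit('Plugin Error')` on the added line ends the request with a normal status and the bare string as the body, which the remote party (a payment return handler, judging by the surrounding log messages) cannot tell apart from a successful page; the b2b2c patch for this same file throws `LogicException` instead, and this hunk should match it, `if (!$payments_bill instanceof ectools_payment_app) throw new LogicException('Plugin Error');`, so the framework's error handling and logging apply uniformly. The added line is indented with spaces while the neighbouring lines use tabs. The enclosing method continues outside the hunk.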
diff --git a/app/trustlogin/lib/api.php b/app/trustlogin/lib/api.php
index baa38f8..5630e02 100644
--- a/app/trustlogin/lib/api.php
+++ b/app/trustlogin/lib/api.php
@@ -71,6 +71,7 @@ class trustlogin_api
         }
 
         $objtrustlogin = new $class_name($objShopApp);
+        if(! $objtrustlogin instanceof trustlogin_interface_trust) exit('Plugin Error');
         //返回数据
         $ret = $objtrustlogin->$method($arrQueryStrs);
         if(!$ret)
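Review bot: The added guard confines `$objtrustlogin` to `trustlogin_interface_trust`, but `$objtrustlogin->$method($arrQueryStrs)` two lines later still dispatches on a variable method name; where `$method` is assigned lies outside the hunk, and if it is derived from the request the interface check alone does not prevent a caller from reaching any public method of the plugin object. Limiting `$method` to what the interface declares, `if (!method_exists('trustlogin_interface_trust', $method)) exit('Plugin Error');` placed before the call, would make the guard complete. The enclosing method of trustlogin_api starts and ends outside the hunk.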