From a07be6e3bd5998099b291cdfdcf46d7a532e2817 Mon Sep 17 00:00:00 2001
From: billz
Date: Mon, 3 Apr 2023 15:20:01 +0200
Subject: [PATCH 1/3] Input sanitization for wpa client
---
 includes/configure_client.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/includes/configure_client.php b/includes/configure_client.php
index fc24058e..18ad4dc2 100755
--- a/includes/configure_client.php
+++ b/includes/configure_client.php
@@ -18,7 +18,7 @@ function DisplayWPAConfig()
 if (isset($_POST['connect'])) {
 $result = 0;
 $iface = escapeshellarg($_SESSION['wifi_client_interface']);
- $netid = escapeshellarg(strval($_POST['connect']));
+ $netid = intval($_POST['connect']);
 if (is_numeric($netid)) {
 exec('sudo wpa_cli -i ' . $iface . ' select_network ' . $netid);
 $status->addMessage('New network selected', 'success');
From 7adbfe143d500c24cc829919571884b7ca9789c3 Mon Sep 17 00:00:00 2001
From: billz
Date: Thu, 6 Apr 2023 11:42:11 +0200
Subject: [PATCH 2/3] Update connect var sanitization
---
 includes/configure_client.php | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/includes/configure_client.php b/includes/configure_client.php
index 18ad4dc2..980c44d9 100755
--- a/includes/configure_client.php
+++ b/includes/configure_client.php
@@ -17,12 +17,9 @@ function DisplayWPAConfig()
 
 if (isset($_POST['connect'])) {
 $result = 0;
- $iface = escapeshellarg($_SESSION['wifi_client_interface']);
 $netid = intval($_POST['connect']);
- if (is_numeric($netid)) {
- exec('sudo wpa_cli -i ' . $iface . ' select_network ' . $netid);
- $status->addMessage('New network selected', 'success');
- }
+ exec('sudo wpa_cli -i ' . $_SESSION['wifi_client_interface'] . ' select_network ' . $netid);
+ $status->addMessage('New network selected', 'success');
 } elseif (isset($_POST['wpa_reinit'])) {
 $status->addMessage('Reinitializing wpa_supplicant', 'info', false);
 $force_remove = true;
From 157f29b85838d622056abf18874ecdc474e2cc2a Mon Sep 17 00:00:00 2001
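Review bot: In the PATCH 1/3 hunk, `intval($_POST['connect'])` coerces malformed input instead of rejecting it: a non-numeric string becomes 0 and a non-empty array becomes 1, so a bad request still selects a network. The `is_numeric($netid)` check on the next line can no longer fail, because `$netid` is already an int. Validate rather than cast, e.g. `$netid = filter_input(INPUT_POST, 'connect', FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);` guarded by `if ($netid !== false && $netid !== null) {`. The same cast remains in PATCH 2/3 and PATCH 3/3, where the guard is dropped altogether. DisplayWPAConfig() starts and ends outside the hunk, so later uses of `$netid` are not visible here.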
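Review bot: The PATCH 2/3 hunk removes the `escapeshellarg()` wrapper and concatenates `$_SESSION['wifi_client_interface']` unquoted into a command run through `sudo`, so at this commit the interface name reaches the shell unescaped. Where that session value is set is not visible in the hunk; if a request can influence it, this is a command-injection exposure. PATCH 3/3 restores the quoting, but a bisect or cherry-pick that lands on this commit alone gets the unquoted form. Squashing 2/3 and 3/3 would keep `$iface = escapeshellarg($_SESSION['wifi_client_interface']);` in place at every commit. The function body continues beyond the hunk.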
From: billz
Date: Fri, 7 Apr 2023 12:32:01 +0200
Subject: [PATCH 3/3] Update sanitize wifi_client_interface var
---
 includes/configure_client.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/includes/configure_client.php b/includes/configure_client.php
index 980c44d9..accc7f26 100755
--- a/includes/configure_client.php
+++ b/includes/configure_client.php
@@ -17,8 +17,9 @@ function DisplayWPAConfig()
 
 if (isset($_POST['connect'])) {
 $result = 0;
+ $iface = escapeshellarg($_SESSION['wifi_client_interface']);
 $netid = intval($_POST['connect']);
- exec('sudo wpa_cli -i ' . $_SESSION['wifi_client_interface'] . ' select_network ' . $netid);
+ exec('sudo wpa_cli -i ' . $iface . ' select_network ' . $netid);
 $status->addMessage('New network selected', 'success');
 } elseif (isset($_POST['wpa_reinit'])) {
 $status->addMessage('Reinitializing wpa_supplicant', 'info', false);
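Review bot: The result of `exec()` is still ignored in the PATCH 3/3 hunk, and `$status->addMessage('New network selected', 'success')` runs unconditionally, so the page reports success even when the command fails. `$result = 0;` is assigned above but not used in the visible lines. Capture the exit status, e.g. `exec('sudo wpa_cli -i ' . $iface . ' select_network ' . $netid, $output, $result);`, and add the success message only `if ($result === 0)`, reporting an error otherwise. Because `escapeshellarg()` only quotes the value, it would also help to check `$_SESSION['wifi_client_interface']` against the interfaces the application actually manages before use. Where that session value comes from lies outside the hunk, as does the rest of DisplayWPAConfig().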