From 9170d9444c6ad0ebd60b14c4a786724bafb37cd2 Mon Sep 17 00:00:00 2001
From: Kijin Sung
Date: Tue, 15 Mar 2022 01:36:13 +0900
Subject: [PATCH] Throw SecurityViolation if anyone tries to exploit RVE-2022-2 with GET/POST vars

---
 modules/page/page.view.php | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/modules/page/page.view.php b/modules/page/page.view.php
index 029fda2e3..aec4a65d1 100644
--- a/modules/page/page.view.php
+++ b/modules/page/page.view.php
@@ -54,6 +54,15 @@ class pageView extends page
 {
 // Variables used in the template Context:: set()
 if($this->module_srl) Context::set('module_srl',$this->module_srl);
+
+ // Kick out anyone who tries to exploit RVE-2022-2.
+ foreach (Context::getRequestVars() as $key => $val)
+ {
+ if (preg_match('/[\{\}\(\)<>\$\'"]/', $key) || preg_match('/[\{\}\(\)<>\$\'"]/', $val))
+ {
+ throw new Rhymix\Framework\Exceptions\SecurityViolation();
+ }
+ }
+
 $page_type_name = strtolower($this->module_info->page_type);
 $method = '_get' . ucfirst($page_type_name) . 'Content';
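Review bot: The new guard passes `$val` straight to `preg_match()`, so an array-valued request parameter is never matched: on PHP 8 `preg_match()` throws a TypeError for a non-string subject, and on PHP 7 it emits a warning and returns false, so the check does not fire for that parameter. If `Context::getRequestVars()` can yield nested arrays (not visible in this hunk, so please confirm), the check should recurse into nested keys and values and cast scalars to string before matching; a TypeError here would also surface as a generic error instead of the intended `SecurityViolation`. The character class is written twice; hoisting it into one local keeps the key and value tests in sync. The enclosing method starts before the hunk, and the `{` on the first context line appears to be its opening brace.

```php
// Kick out anyone who tries to exploit RVE-2022-2.
$forbidden = '/[\{\}\(\)<>\$\'"]/';
$hasForbidden = function ($value) use (&$hasForbidden, $forbidden): bool
{
	if (is_array($value) || is_object($value))
	{
		foreach ((array)$value as $k => $v)
		{
			if (preg_match($forbidden, (string)$k) || $hasForbidden($v))
			{
				return true;
			}
		}
		return false;
	}
	return preg_match($forbidden, (string)$value) === 1;
};
foreach (Context::getRequestVars() as $key => $val)
{
	if (preg_match($forbidden, (string)$key) || $hasForbidden($val))
	{
		throw new Rhymix\Framework\Exceptions\SecurityViolation();
	}
}
// … unchanged: $page_type_name / $method dispatch …
```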