From 1f6594b2bad801c69719a34e19b17a5a98f41b80 Mon Sep 17 00:00:00 2001 From: Ilia Rostovtsev Date: Sun, 6 Sep 2020 19:43:30 +0300 Subject: [PATCH] Sanitize input https://sourceforge.net/p/webadmin/bugs/5404/ --- smf/log_viewer.cgi | 3 +++ syslog/save_log.cgi | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/smf/log_viewer.cgi b/smf/log_viewer.cgi index 96a1e5c3a..e29c6be01 100755 --- a/smf/log_viewer.cgi +++ b/smf/log_viewer.cgi @@ -18,6 +18,9 @@ if (defined($in{'logfile'})) { $numlines = 40; if (defined($in{'numlines'})) { $numlines = $in{'numlines'}; + if ($numlines ne "all") { + $numlines = int($numlines); + } } if ($numlines eq "all") { diff --git a/syslog/save_log.cgi b/syslog/save_log.cgi index 49e67565a..46ff5af30 100755 --- a/syslog/save_log.cgi +++ b/syslog/save_log.cgi @@ -75,7 +75,7 @@ elsif ($in{'view'}) { &ui_print_header("".&html_escape($file || $cmd)."", $text{'view_title'}, ""); - $lines = $in{'lines'} ? int($in{'lines'}) : $config{'lines'}; + $lines = $in{'lines'} ? int($in{'lines'}) : int($config{'lines'}); $filter = $in{'filter'} ? quotemeta($in{'filter'}) : ""; &filter_form();
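Review bot: `int($numlines)` in the smf/log_viewer.cgi hunk fixes the type of the `numlines` parameter but not its range: a negative value, zero (which is also what `int()` yields for non-numeric text) or a very large count still passes through to whatever consumes `$numlines` further down, which is outside this hunk. A bound right after the cast would close that, for example `$numlines = 40 if ($numlines < 1);`, reusing the default already assigned above. The same applies to `$lines` in the syslog/save_log.cgi hunk, where `int($in{'lines'})` and the new `int($config{'lines'})` also accept negative numbers. The commit is titled "Sanitize input", yet `$in{'logfile'}` from the same request appears only in the hunk header here, so it is worth confirming separately that it is checked against the set of permitted log files.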