Updated

CHANGELOG.md

@@ -4,6 +4,7 @@
 [Full Changelog](https://github.com/torrentpier/torrentpier-lts/compare/v2.1.5-2024.07...v2.1.5-2024.0X)
 
 - Release v2.1.5-2024.0X 🎉
+- CWE-502 Fixed: Deserialization of untrusted data
 - Admin panel -> Ranks: Added support for images in URLs
 - Fixed broken "Disable Board" function
 - Some other changes / improvements

library/includes/functions.php

@@ -47,7 +47,7 @@ function get_tracks ($type)
 		default:
 			trigger_error(__FUNCTION__ .": invalid type '$type'", E_USER_ERROR);
 	}
-	$tracks = !empty($_COOKIE[$c_name]) ? @unserialize($_COOKIE[$c_name]) : false;
+	$tracks = !empty($_COOKIE[$c_name]) ? json_decode($_COOKIE[$c_name], true) : false;
 	return ($tracks) ? $tracks : array();
 }
 
@@ -95,7 +95,7 @@ function set_tracks ($cookie_name, &$tracking_ary, $tracks = null, $val = TIMENO
 
 	if (array_diff($tracking_ary, $prev_tracking_ary))
 	{
-		bb_setcookie($cookie_name, serialize($tracking_ary));
+		bb_setcookie($cookie_name, json_encode($tracking_ary));
 	}
 }
 

library/includes/sessions.php

@@ -453,7 +453,7 @@ class user_common
 	*/
 	function get_sessiondata ()
 	{
-		$sd_resv = !empty($_COOKIE[COOKIE_DATA]) ? @unserialize($_COOKIE[COOKIE_DATA]) : array();
+		$sd_resv = !empty($_COOKIE[COOKIE_DATA]) ? json_decode($_COOKIE[COOKIE_DATA], true) : array();
 
 		// autologin_id
 		if (!empty($sd_resv['uk']) && verify_id($sd_resv['uk'], LOGIN_KEY_LENGTH))
@@ -526,7 +526,7 @@ class user_common
 
 			// Set bb_data (session) cookie
 			$c_sdata_resv = !empty($_COOKIE[COOKIE_DATA]) ? $_COOKIE[COOKIE_DATA] : null;
-			$c_sdata_curr = ($this->sessiondata) ? serialize($this->sessiondata) : '';
+			$c_sdata_curr = ($this->sessiondata) ? json_encode($this->sessiondata) : '';
 
 			if ($c_sdata_curr !== $c_sdata_resv)
 			{