From cf15f715b68c94499132d82f559e588d807d7209 Mon Sep 17 00:00:00 2001
From: fbsanchez <fborja.sanchez@artica.es>
Date: Thu, 3 Jan 2019 18:00:49 +0100
Subject: [PATCH] safe_input in custom_field operations Dataserver

Former-commit-id: 7cbb8fdb97a1265201f6dd5600ad58664cc89c29
---
 pandora_server/lib/PandoraFMS/DataServer.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pandora_server/lib/PandoraFMS/DataServer.pm b/pandora_server/lib/PandoraFMS/DataServer.pm
index 47585abd4e..2bd6363d4d 100644
--- a/pandora_server/lib/PandoraFMS/DataServer.pm
+++ b/pandora_server/lib/PandoraFMS/DataServer.pm
@@ -491,13 +491,13 @@ sub process_xml_data ($$$$$) {
 
 	                                                $field_agent->{'id_agent'} = $agent_id;
 	                                                $field_agent->{'id_field'} = $custom_field_info->{'id_field'};
-	                                                $field_agent->{'description'} = $cf_value;
+	                                                $field_agent->{'description'} = safe_input($cf_value);
 
         	                                        db_process_insert($dbh, 'id_field', 'tagent_custom_data', $field_agent);
 						} else {
 							
 							db_update ($dbh, "UPDATE tagent_custom_data SET description = ? WHERE id_field = ? AND id_agent = ?",
-									$cf_value ,$custom_field_info->{"id_field"}, $agent->{'id_agente'});
+									safe_input($cf_value), $custom_field_info->{"id_field"}, $agent->{'id_agente'});
 						}
                                         }
                                         else {