dertobi123 09/06/24 21:27:24 |
Added: statuswml-bug275288.patch |
Log: |
Revbumps to 2.12-r1, 3.0.6-r2 and also bump to 3.1.2. Includes fix for #275288 (remote code execution in statuswml.cgi). |
(Portage version: 2.2_rc33/cvs/Linux x86_64) |
Revision Changes Path |
1.1 net-analyzer/nagios-core/files/statuswml-bug275288.patch |
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/nagios-core/files/statuswml-bug275288.patch?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-analyzer/nagios-core/files/statuswml-bug275288.patch?rev=1.1&content-type=text/plain |
Index: statuswml-bug275288.patch |
=================================================================== |
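--- a/cgi/statuswml.c
+++ b/cgi/statuswml.c
@@ -67,6 +67,8 @@
 void document_header(void);
 void document_footer(void);
 int process_cgivars(void);
+int validate_arguments(void);
+int is_valid_hostip(char *hostip);
 
 int display_type=DISPLAY_INDEX;
 int hostgroup_style=DISPLAY_HOSTGROUP_SUMMARY;
@@ -108,6 +110,13 @@
 
 document_header();
 
+ /* validate arguments in URL */
+ result=validate_arguments();
+ if(result==ERROR){
+ document_footer();
+ return ERROR;
+ }
+
 /* read the CGI configuration file */
 result=read_cgi_config_file(get_cgi_config_location());
 if(result==ERROR){
@@ -334,7 +343,25 @@
 return error;
 }
 
+int validate_arguments(void){
+ int result=OK;
+ if((strcmp(ping_address,"")) && !is_valid_hostip(ping_address)) {
+ printf("<p>Invalid host name/ip</p>\n");
+ result=ERROR;
+ }
+ if(strcmp(traceroute_address,"") && !is_valid_hostip(traceroute_address)){
+ printf("<p>Invalid host name/ip</p>\n");
+ result=ERROR;
+ }
+ return result;
+ }
 
+int is_valid_hostip(char *hostip) {
+ char *valid_domain_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-";
+ if(strcmp(hostip,"") && strlen(hostip)==strspn(hostip,valid_domain_chars) && hostip[0] != '-' && hostip[strlen(hostip)-1] != '-')
+ return TRUE;
+ return FALSE;
+ }
 
 /* main intro screen */
 void display_index(void){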
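Review bot: is_valid_hostip() in the last hunk restricts the character set of ping_address and traceroute_address but puts no bound on their length, so an arbitrarily long run of allowed characters still passes. If the value is later copied into a fixed-size command buffer (the use site is not in this patch), a cap at the top of the function would close that, e.g. `size_t len=strlen(hostip); if(len==0 || len>253) return FALSE;`. The function is also the only filter visible between the URL parameters and their use, so it deserves a comment saying that the allow-list deliberately excludes whitespace and shell metacharacters and rejects a leading '-' so the value cannot be parsed as an option, and that any widening (for instance ':' for IPv6) needs the same review. The parameter can be `const char *hostip`, in the prototype added by the first hunk as well, since the string is only read. validate_arguments() passes both globals straight to strcmp(), which assumes they are never NULL; their initialisation is outside the patch and should be confirmed.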