diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-18 09:29:56 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-18 09:29:56 -0300 |
commit | 048bb82a0e2c814da90816657ecedf59fedf8dbd (patch) | |
tree | 05ff84180bb2195ffea63811caae43baa64ead14 | |
parent | eb6f51ed37d78231ebded1792f333807d9559177 (diff) | |
download | pfsense-packages-048bb82a0e2c814da90816657ecedf59fedf8dbd.tar.gz pfsense-packages-048bb82a0e2c814da90816657ecedf59fedf8dbd.tar.bz2 pfsense-packages-048bb82a0e2c814da90816657ecedf59fedf8dbd.zip |
Fixes #3459. Avoid shell/XSS issues applying htmlspecialchars to input param logfile
-rw-r--r-- | config/snort/snort_log_view.php | 13 | ||||
-rw-r--r-- | pkg_config.10.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml | 2 | ||||
-rw-r--r-- | pkg_config.8.xml.amd64 | 2 |
4 files changed, 10 insertions, 9 deletions
diff --git a/config/snort/snort_log_view.php b/config/snort/snort_log_view.php index babae205..beec1aa7 100644 --- a/config/snort/snort_log_view.php +++ b/config/snort/snort_log_view.php @@ -41,14 +41,15 @@ $contents = ''; // Read the contents of the argument passed to us. // Is it a fully qualified path and file? -if (file_exists($_GET['logfile'])) - if (substr(realpath($_GET['logfile']), 0, strlen(SNORTLOGDIR)) != SNORTLOGDIR) - $contents = gettext("\n\nERROR -- File: {$_GET['logfile']} can not be viewed!"); +$logfile = htmlspecialchars($_GET['logfile'], ENT_QUOTES | ENT_HTML401); +if (file_exists($logfile)) + if (substr(realpath($logfile), 0, strlen(SNORTLOGDIR)) != SNORTLOGDIR) + $contents = gettext("\n\nERROR -- File: {$logfile} can not be viewed!"); else - $contents = file_get_contents($_GET['logfile']); + $contents = file_get_contents($logfile); // It is not something we can display, so print an error. else - $contents = gettext("\n\nERROR -- File: {$_GET['logfile']} not found!"); + $contents = gettext("\n\nERROR -- File: {$logfile} not found!"); $pgtitle = array(gettext("Snort"), gettext("Log File Viewer")); ?> @@ -72,7 +73,7 @@ $pgtitle = array(gettext("Snort"), gettext("Log File Viewer")); <input type="button" class="formbtn" value="Return" onclick="window.close()"> </td> <td align="right"> - <b><?php echo gettext("Log File: ") . '</b> ' . $_GET['logfile']; ?> + <b><?php echo gettext("Log File: ") . '</b> ' . $logfile; ?> </td> </tr> <tr> diff --git a/pkg_config.10.xml b/pkg_config.10.xml index 317f62e5..0dfa04c7 100644 --- a/pkg_config.10.xml +++ b/pkg_config.10.xml @@ -372,7 +372,7 @@ <!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. --> <build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET_FORCE=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET_FORCE=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET_FORCE=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options> <config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file> - <version>2.9.5.5 pkg v3.0.3</version> + <version>2.9.5.5 pkg v3.0.4</version> <required_version>2.2</required_version> <status>Stable</status> <configurationfile>/snort.xml</configurationfile> diff --git a/pkg_config.8.xml b/pkg_config.8.xml index 3a9d35b1..ec847a46 100644 --- a/pkg_config.8.xml +++ b/pkg_config.8.xml @@ -526,7 +526,7 @@ <!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. --> <build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options> <config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file> - <version>2.9.5.5 pkg v3.0.3</version> + <version>2.9.5.5 pkg v3.0.4</version> <required_version>2.0</required_version> <status>Stable</status> <configurationfile>/snort.xml</configurationfile> diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64 index e12cb00f..4b987054 100644 --- a/pkg_config.8.xml.amd64 +++ b/pkg_config.8.xml.amd64 @@ -513,7 +513,7 @@ <!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. --> <build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options> <config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file> - <version>2.9.5.5 pkg v3.0.3</version> + <version>2.9.5.5 pkg v3.0.4</version> <required_version>2.0</required_version> <status>Stable</status> <configurationfile>/snort.xml</configurationfile> |