aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRenato Botelho <garga@FreeBSD.org>2014-02-18 09:29:56 -0300
committerRenato Botelho <garga@FreeBSD.org>2014-02-18 09:29:56 -0300
commit048bb82a0e2c814da90816657ecedf59fedf8dbd (patch)
tree05ff84180bb2195ffea63811caae43baa64ead14
parenteb6f51ed37d78231ebded1792f333807d9559177 (diff)
downloadpfsense-packages-048bb82a0e2c814da90816657ecedf59fedf8dbd.tar.gz
pfsense-packages-048bb82a0e2c814da90816657ecedf59fedf8dbd.tar.bz2
pfsense-packages-048bb82a0e2c814da90816657ecedf59fedf8dbd.zip
Fixes #3459. Avoid shell/XSS issues applying htmlspecialchars to input param logfile
-rw-r--r--config/snort/snort_log_view.php13
-rw-r--r--pkg_config.10.xml2
-rw-r--r--pkg_config.8.xml2
-rw-r--r--pkg_config.8.xml.amd642
4 files changed, 10 insertions, 9 deletions
diff --git a/config/snort/snort_log_view.php b/config/snort/snort_log_view.php
index babae205..beec1aa7 100644
--- a/config/snort/snort_log_view.php
+++ b/config/snort/snort_log_view.php
@@ -41,14 +41,15 @@ $contents = '';
// Read the contents of the argument passed to us.
// Is it a fully qualified path and file?
-if (file_exists($_GET['logfile']))
- if (substr(realpath($_GET['logfile']), 0, strlen(SNORTLOGDIR)) != SNORTLOGDIR)
- $contents = gettext("\n\nERROR -- File: {$_GET['logfile']} can not be viewed!");
+$logfile = htmlspecialchars($_GET['logfile'], ENT_QUOTES | ENT_HTML401);
+if (file_exists($logfile))
+ if (substr(realpath($logfile), 0, strlen(SNORTLOGDIR)) != SNORTLOGDIR)
+ $contents = gettext("\n\nERROR -- File: {$logfile} can not be viewed!");
else
- $contents = file_get_contents($_GET['logfile']);
+ $contents = file_get_contents($logfile);
// It is not something we can display, so print an error.
else
- $contents = gettext("\n\nERROR -- File: {$_GET['logfile']} not found!");
+ $contents = gettext("\n\nERROR -- File: {$logfile} not found!");
$pgtitle = array(gettext("Snort"), gettext("Log File Viewer"));
?>
@@ -72,7 +73,7 @@ $pgtitle = array(gettext("Snort"), gettext("Log File Viewer"));
<input type="button" class="formbtn" value="Return" onclick="window.close()">
</td>
<td align="right">
- <b><?php echo gettext("Log File: ") . '</b>&nbsp;' . $_GET['logfile']; ?>&nbsp;&nbsp;&nbsp;&nbsp;
+ <b><?php echo gettext("Log File: ") . '</b>&nbsp;' . $logfile; ?>&nbsp;&nbsp;&nbsp;&nbsp;
</td>
</tr>
<tr>
diff --git a/pkg_config.10.xml b/pkg_config.10.xml
index 317f62e5..0dfa04c7 100644
--- a/pkg_config.10.xml
+++ b/pkg_config.10.xml
@@ -372,7 +372,7 @@
<!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. -->
<build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET_FORCE=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET_FORCE=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET_FORCE=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.9.5.5 pkg v3.0.3</version>
+ <version>2.9.5.5 pkg v3.0.4</version>
<required_version>2.2</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
diff --git a/pkg_config.8.xml b/pkg_config.8.xml
index 3a9d35b1..ec847a46 100644
--- a/pkg_config.8.xml
+++ b/pkg_config.8.xml
@@ -526,7 +526,7 @@
<!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. -->
<build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.9.5.5 pkg v3.0.3</version>
+ <version>2.9.5.5 pkg v3.0.4</version>
<required_version>2.0</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>
diff --git a/pkg_config.8.xml.amd64 b/pkg_config.8.xml.amd64
index e12cb00f..4b987054 100644
--- a/pkg_config.8.xml.amd64
+++ b/pkg_config.8.xml.amd64
@@ -513,7 +513,7 @@
<!-- Use both styles for now, since our snort port isn't yet optionsng, but barnyard2 and others are. -->
<build_options>barnyard2_UNSET_FORCE=ODBC PGSQL PRELUDE;barnyard2_SET=GRE IPV6 MPLS MYSQL PORT_PCAP;snort_SET=TARGETBASED PERFPROFILE DECODERPRE FLEXRESP3 GRE IPV6 MPLS NORMALIZER ZLIB;perl_SET=THREADS;WITH_THREADS=yes;WITH_IPV6=true;WITH_MPLS=true;WITH_GRE=true;WITH_TARGETBASED=true;WITH_PERFPROFILE=true;WITH_DECODERPRE=true;WITH_ZLIB=true;WITH_NORMALIZER=true;WITH_REACT=true;WITH_FLEXRESP3=true;WITHOUT_ODBC=true;WITHOUT_POSTGRESQL=true;WITHOUT_PRELUDE=true;NOPORTDOCS=true</build_options>
<config_file>http://www.pfsense.com/packages/config/snort/snort.xml</config_file>
- <version>2.9.5.5 pkg v3.0.3</version>
+ <version>2.9.5.5 pkg v3.0.4</version>
<required_version>2.0</required_version>
<status>Stable</status>
<configurationfile>/snort.xml</configurationfile>