author | bmeeks8 <bmeeks8@bellsouth.net> | 2014-03-07 15:53:08 -0500 |
---|---|---|
committer | bmeeks8 <bmeeks8@bellsouth.net> | 2014-03-07 15:53:08 -0500 |
commit | 62a833a2b268b4374bdba95b13c117470d380786 (patch) | |
tree | 3662994f26b7e207e401178f12c54a87ee9d7429 | |
parent | 08c5a4d7d40b0ce059daa832a231a95f46946c14 (diff) | |
Increase rigor of $_POST and $_GET parameter value validation.
-rw-r--r-- | config/suricata/suricata_rules.php | 19 | ||||
-rw-r--r-- | config/suricata/suricata_rules_edit.php | 39 | ||||
-rw-r--r-- | config/suricata/suricata_rules_flowbits.php | 5 |
3 files changed, 29 insertions, 34 deletions
diff --git a/config/suricata/suricata_rules.php b/config/suricata/suricata_rules.php
index 1a0c54b5..85427e6f 100644
--- a/config/suricata/suricata_rules.php
+++ b/config/suricata/suricata_rules.php
@@ -40,10 +40,11 @@ if (!is_array($config['installedpackages']['suricata']['rule']))
 $config['installedpackages']['suricata']['rule'] = array();
 $a_rule = &$config['installedpackages']['suricata']['rule'];
-if ($_GET['id'])
- $id = $_GET['id'];
-if ($_POST['id'])
+if (isset($_POST['id']))
 $id = $_POST['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+ $id = htmlspecialchars($_GET['id']);
+
 if (is_null($id)) {
 $id = 0;
 }
@@ -95,6 +96,10 @@ $emergingdownload = $config['installedpackages']['suricata']['config'][0]['enabl
 $etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules'];
 $categories = explode("||", $pconfig['rulesets']);
+// Add any previously saved rules files to the categories array
+if (!empty($pconfig['rulesets']))
+ $categories = explode("||", $pconfig['rulesets']);
+
 if ($_GET['openruleset'])
 $currentruleset = htmlspecialchars($_GET['openruleset'], ENT_QUOTES | ENT_HTML401);
 elseif ($_POST['selectbox'])
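Review bot: The `$_POST['id']` branch still takes the value with only an `isset()` check, while the `$_GET['id']` branch now requires `is_numericint()`, so a non-numeric id can still reach `$a_rule[$id]` and the page markup (the later `ondblclick` URL interpolates `$id`) through POST; the suricata_rules_flowbits.php hunk at line 43 has the same asymmetry. Apply the same test to both sources, `if (isset($_POST['id']) && is_numericint($_POST['id']))`, and store the result as `$id = (int)$_POST['id'];` — `htmlspecialchars()` on a value that has just passed `is_numericint()` is a no-op and obscures the intent (same in suricata_rules_edit.php at line 33). In the second hunk of this file the new `if (!empty($pconfig['rulesets']))` guard changes nothing, because the unconditional `$categories = explode("||", $pconfig['rulesets']);` immediately above it still runs; remove that original line instead of duplicating it.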
@@ -463,7 +468,7 @@ if ($savemsg) {
 <td rowspan="5" width="48%" valign="middle"><input type="submit" name="apply" id="apply" value="<?php echo gettext("Apply"); ?>" class="formbtn" title="<?php echo gettext("Click to rebuild the rules with your changes"); ?>"/><br/><br/> <span class="vexpl"><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span>" .
- gettext("Suricata must be restarted to activate any SID enable/disable changes made on this tab."); ?></span></td>
+ gettext("When finished, click APPLY to send any SID enable/disable changes made on this tab to the running Suricata process."); ?></span></td>
 <td class="vexpl" valign="middle"><?php echo "<input type='image' name='resetcategory[]' src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\" onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"'
@@ -604,11 +609,11 @@ if ($savemsg) {
 $message = suricata_get_msg($v['rule']);
 $sid_tooltip = gettext("View the raw text for this rule");
- echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\" sorttable_customkey=\"\">{$textss}
- <input type=\"image\" onClick=\"document.getElementById('sid').value='{$sid}';
+ echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\" sorttable_customkey=\"\">{$textss}
+ <a id=\"rule_{$gid}_{$sid}\" href=''><input type=\"image\" onClick=\"document.getElementById('sid').value='{$sid}';
 document.getElementById('gid').value='{$gid}';\" src=\"../themes/{$g['theme']}/images/icons/{$iconb}\" width=\"11\" height=\"11\" border=\"0\"
- title='{$title}' name=\"toggle[]\"/>{$textse}
+ title='{$title}' name=\"toggle[]\"/></a>{$textse}
 </td> <td class=\"listlr\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\"> {$textss}{$gid}{$textse}
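Review bot: The new `<a id=\"rule_{$gid}_{$sid}\" href=''>` wraps an `<input type=\"image\">` submit control inside a link, which is not valid HTML (interactive content inside `<a>`), and with an empty `href` a click may navigate to the current URL instead of, or in a race with, submitting the form. If the anchor exists only as a scroll target for the toggled rule, drop the `href` and keep the id, `<a id=\"rule_{$gid}_{$sid}\">`, or place the id on the enclosing `<td>` and leave the input unwrapped. The echo statement continues past the end of the hunk.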
diff --git a/config/suricata/suricata_rules_edit.php b/config/suricata/suricata_rules_edit.php
index ad6b2986..c02d3eba 100644
--- a/config/suricata/suricata_rules_edit.php
+++ b/config/suricata/suricata_rules_edit.php
@@ -33,31 +33,22 @@ require_once("/usr/local/pkg/suricata/suricata.inc");
 $flowbit_rules_file = FLOWBITS_FILENAME;
 $suricatadir = SURICATADIR;
-if (!is_array($config['installedpackages']['suricata']['rule'])) {
- $config['installedpackages']['suricata']['rule'] = array();
-}
-$a_rule = &$config['installedpackages']['suricata']['rule'];
+if (isset($_GET['id']) && is_numericint($_GET['id']))
+ $id = htmlspecialchars($_GET['id']);
-$id = $_GET['id'];
-if (is_null($id)) {
- header("Location: /suricata/suricata_interfaces.php");
+if (is_null($id))
 exit;
-}
-if (isset($id) && $a_rule[$id]) {
- $pconfig['enable'] = $a_rule[$id]['enable'];
- $pconfig['interface'] = $a_rule[$id]['interface'];
- $pconfig['rulesets'] = $a_rule[$id]['rulesets'];
-}
-else {
- header("Location: /suricata/suricata_interfaces.php");
- exit;
+if (!is_array($config['installedpackages']['suricata']['rule'])) {
+ $config['installedpackages']['suricata']['rule'] = array();
 }
-/* convert fake interfaces to real */
-$if_real = get_real_interface($pconfig['interface']);
+$a_rule = &$config['installedpackages']['suricata']['rule'];
+
+$if_real = get_real_interface($a_rule[$id]['interface']);
 $suricata_uuid = $a_rule[$id]['uuid'];
-$suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}";
+$suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/";
+
 $file = htmlspecialchars($_GET['openruleset'], ENT_QUOTES | ENT_HTML401);
 $contents = '';
 $wrap_flag = "off";
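Review bot: The rewritten prologue no longer checks that `$a_rule[$id]` exists: the removed code redirected when `$a_rule[$id]` was empty, but the new code only exits when `$id` is null, so a numeric id with no matching entry now reaches `get_real_interface($a_rule[$id]['interface'])` and builds `$suricatacfgdir` from an empty uuid and interface name. Move the guard below the `$a_rule` assignment and widen it, `if (is_null($id) || !isset($a_rule[$id])) exit;`. `$id = htmlspecialchars($_GET['id']);` after an `is_numericint()` check is a no-op; `$id = (int)$_GET['id'];` says what is meant. The redirect to suricata_interfaces.php is also gone from the exit path, which may be fine for a popup viewer but now leaves a blank page.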
@@ -73,13 +64,13 @@ else
 // a standard rules file, or a complete file name.
 // Test for the special case of an IPS Policy file.
 if (substr($file, 0, 10) == "IPS Policy") {
- $rules_map = suricata_load_vrt_policy($a_rule[$id]['ips_policy']);
- if (isset($_GET['ids'])) {
- $contents = $rules_map[$_GET['gid']][trim($_GET['ids'])]['rule'];
+ $rules_map = suricata_load_vrt_policy(strtolower(trim(substr($file, strpos($file, "-")+1))));
+ if (isset($_GET['sid']) && is_numericint($_GET['sid']) && isset($_GET['gid']) && is_numericint($_GET['gid'])) {
+ $contents = $rules_map[$_GET['gid']][trim($_GET['sid'])]['rule'];
 $wrap_flag = "soft";
 }
 else {
- $contents = "# Suricata IPS Policy - " . ucfirst($a_rule[$id]['ips_policy']) . "\n\n";
+ $contents = "# Snort IPS Policy - " . ucfirst(trim(substr($file, strpos($file, "-")+1))) . "\n\n";
 foreach (array_keys($rules_map) as $k1) {
 foreach (array_keys($rules_map[$k1]) as $k2) {
 $contents .= "# Category: " . $rules_map[$k1][$k2]['category'] . " SID: {$k2}\n";
@@ -90,7 +81,7 @@ if (substr($file, 0, 10) == "IPS Policy") {
 unset($rules_map);
 }
 // Is it a SID to load the rule text from?
-elseif (isset($_GET['sid']) && is_numeric(trim($_GET['sid']))) {
+elseif (isset($_GET['sid']) && is_numericint($_GET['sid']) && isset($_GET['gid']) && is_numericint($_GET['gid'])) {
 // If flowbit rule, point to interface-specific file
 if ($file == "Auto-Flowbit Rules")
 $rules_map = suricata_load_rules_map("{$suricatacfgdir}rules/" . FLOWBITS_FILENAME);
diff --git a/config/suricata/suricata_rules_flowbits.php b/config/suricata/suricata_rules_flowbits.php
index 53019894..d5629fae 100644
--- a/config/suricata/suricata_rules_flowbits.php
+++ b/config/suricata/suricata_rules_flowbits.php
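Review bot: The viewer header string was changed from `# Suricata IPS Policy - ` to `# Snort IPS Policy - ` although this file belongs to the Suricata package; this looks like text carried over from the Snort package and the original wording should be kept. The policy name is now parsed out of the user-supplied `$file` instead of the saved `$a_rule[$id]['ips_policy']`: when `$file` contains no `-`, `strpos()` returns false and `substr($file, false+1)` passes the name minus its first character to `suricata_load_vrt_policy()`, so test `strpos($file, "-") !== false` before slicing, or fall back to the saved `ips_policy` value. `$rules_map[$_GET['gid']][trim($_GET['sid'])]['rule']` is also read without an `isset()` check, so an unknown gid/sid pair produces a notice and a null `$contents`; guarding it with `isset()` keeps the viewer output defined.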
@@ -43,8 +43,8 @@ $a_nat = &$config['installedpackages']['suricata']['rule'];
 if (isset($_POST['id']))
 $id = $_POST['id'];
-elseif (isset($_GET['id']))
- $id = $_GET['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+ $id = htmlspecialchars($_GET['id']);
 if (is_null($id)) {
 header("Location: /suricata/suricata_interfaces.php");
@@ -283,7 +283,6 @@ if ($savemsg)
 <td align="center" valign="middle"> <input id="cancel" name="cancel" type="submit" class="formbtn" <?php echo "value=\"" . gettext("Return") . "\" title=\"" . gettext("Return to previous page") . "\""; ?>/>
- <input name="id" type="hidden" value="<?=$id;?>" />
 </td> </tr> <?php endif; ?> |