aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbmeeks8 <bmeeks8@bellsouth.net>2014-03-07 15:53:08 -0500
committerbmeeks8 <bmeeks8@bellsouth.net>2014-03-07 15:53:08 -0500
commit62a833a2b268b4374bdba95b13c117470d380786 (patch)
tree3662994f26b7e207e401178f12c54a87ee9d7429
parent08c5a4d7d40b0ce059daa832a231a95f46946c14 (diff)
downloadpfsense-packages-62a833a2b268b4374bdba95b13c117470d380786.tar.gz
pfsense-packages-62a833a2b268b4374bdba95b13c117470d380786.tar.bz2
pfsense-packages-62a833a2b268b4374bdba95b13c117470d380786.zip
Increase rigor of $_POST and $_GET parameter value validation.
-rw-r--r--config/suricata/suricata_rules.php19
-rw-r--r--config/suricata/suricata_rules_edit.php39
-rw-r--r--config/suricata/suricata_rules_flowbits.php5
3 files changed, 29 insertions, 34 deletions
diff --git a/config/suricata/suricata_rules.php b/config/suricata/suricata_rules.php
index 1a0c54b5..85427e6f 100644
--- a/config/suricata/suricata_rules.php
+++ b/config/suricata/suricata_rules.php
@@ -40,10 +40,11 @@ if (!is_array($config['installedpackages']['suricata']['rule']))
$config['installedpackages']['suricata']['rule'] = array();
$a_rule = &$config['installedpackages']['suricata']['rule'];
-if ($_GET['id'])
- $id = $_GET['id'];
-if ($_POST['id'])
+if (isset($_POST['id']))
$id = $_POST['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+ $id = htmlspecialchars($_GET['id']);
+
if (is_null($id)) {
$id = 0;
}
@@ -95,6 +96,10 @@ $emergingdownload = $config['installedpackages']['suricata']['config'][0]['enabl
$etpro = $config['installedpackages']['suricata']['config'][0]['enable_etpro_rules'];
$categories = explode("||", $pconfig['rulesets']);
+// Add any previously saved rules files to the categories array
+if (!empty($pconfig['rulesets']))
+ $categories = explode("||", $pconfig['rulesets']);
+
if ($_GET['openruleset'])
$currentruleset = htmlspecialchars($_GET['openruleset'], ENT_QUOTES | ENT_HTML401);
elseif ($_POST['selectbox'])
@@ -463,7 +468,7 @@ if ($savemsg) {
<td rowspan="5" width="48%" valign="middle"><input type="submit" name="apply" id="apply" value="<?php echo gettext("Apply"); ?>" class="formbtn"
title="<?php echo gettext("Click to rebuild the rules with your changes"); ?>"/><br/><br/>
<span class="vexpl"><span class="red"><strong><?php echo gettext("Note: ") . "</strong></span>" .
- gettext("Suricata must be restarted to activate any SID enable/disable changes made on this tab."); ?></span></td>
+ gettext("When finished, click APPLY to send any SID enable/disable changes made on this tab to the running Suricata process."); ?></span></td>
<td class="vexpl" valign="middle"><?php echo "<input type='image' name='resetcategory[]'
src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\" width=\"15\" height=\"15\"
onmouseout='this.src=\"../themes/{$g['theme']}/images/icons/icon_x.gif\"'
@@ -604,11 +609,11 @@ if ($savemsg) {
$message = suricata_get_msg($v['rule']);
$sid_tooltip = gettext("View the raw text for this rule");
- echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\" sorttable_customkey=\"\">{$textss}
- <input type=\"image\" onClick=\"document.getElementById('sid').value='{$sid}';
+ echo "<tr><td class=\"listt\" align=\"left\" valign=\"middle\" sorttable_customkey=\"\">{$textss}
+ <a id=\"rule_{$gid}_{$sid}\" href=''><input type=\"image\" onClick=\"document.getElementById('sid').value='{$sid}';
document.getElementById('gid').value='{$gid}';\"
src=\"../themes/{$g['theme']}/images/icons/{$iconb}\" width=\"11\" height=\"11\" border=\"0\"
- title='{$title}' name=\"toggle[]\"/>{$textse}
+ title='{$title}' name=\"toggle[]\"/></a>{$textse}
</td>
<td class=\"listlr\" align=\"center\" style=\"font-size: 11px;\" ondblclick=\"wopen('suricata_rules_edit.php?id={$id}&openruleset={$currentruleset}&sid={$sid}&gid={$gid}','FileViewer',800,600);\">
{$textss}{$gid}{$textse}
diff --git a/config/suricata/suricata_rules_edit.php b/config/suricata/suricata_rules_edit.php
index ad6b2986..c02d3eba 100644
--- a/config/suricata/suricata_rules_edit.php
+++ b/config/suricata/suricata_rules_edit.php
@@ -33,31 +33,22 @@ require_once("/usr/local/pkg/suricata/suricata.inc");
$flowbit_rules_file = FLOWBITS_FILENAME;
$suricatadir = SURICATADIR;
-if (!is_array($config['installedpackages']['suricata']['rule'])) {
- $config['installedpackages']['suricata']['rule'] = array();
-}
-$a_rule = &$config['installedpackages']['suricata']['rule'];
+if (isset($_GET['id']) && is_numericint($_GET['id']))
+ $id = htmlspecialchars($_GET['id']);
-$id = $_GET['id'];
-if (is_null($id)) {
- header("Location: /suricata/suricata_interfaces.php");
+if (is_null($id))
exit;
-}
-if (isset($id) && $a_rule[$id]) {
- $pconfig['enable'] = $a_rule[$id]['enable'];
- $pconfig['interface'] = $a_rule[$id]['interface'];
- $pconfig['rulesets'] = $a_rule[$id]['rulesets'];
-}
-else {
- header("Location: /suricata/suricata_interfaces.php");
- exit;
+if (!is_array($config['installedpackages']['suricata']['rule'])) {
+ $config['installedpackages']['suricata']['rule'] = array();
}
-/* convert fake interfaces to real */
-$if_real = get_real_interface($pconfig['interface']);
+$a_rule = &$config['installedpackages']['suricata']['rule'];
+
+$if_real = get_real_interface($a_rule[$id]['interface']);
$suricata_uuid = $a_rule[$id]['uuid'];
-$suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}";
+$suricatacfgdir = "{$suricatadir}suricata_{$suricata_uuid}_{$if_real}/";
+
$file = htmlspecialchars($_GET['openruleset'], ENT_QUOTES | ENT_HTML401);
$contents = '';
$wrap_flag = "off";
@@ -73,13 +64,13 @@ else
// a standard rules file, or a complete file name.
// Test for the special case of an IPS Policy file.
if (substr($file, 0, 10) == "IPS Policy") {
- $rules_map = suricata_load_vrt_policy($a_rule[$id]['ips_policy']);
- if (isset($_GET['ids'])) {
- $contents = $rules_map[$_GET['gid']][trim($_GET['ids'])]['rule'];
+ $rules_map = suricata_load_vrt_policy(strtolower(trim(substr($file, strpos($file, "-")+1))));
+ if (isset($_GET['sid']) && is_numericint($_GET['sid']) && isset($_GET['gid']) && is_numericint($_GET['gid'])) {
+ $contents = $rules_map[$_GET['gid']][trim($_GET['sid'])]['rule'];
$wrap_flag = "soft";
}
else {
- $contents = "# Suricata IPS Policy - " . ucfirst($a_rule[$id]['ips_policy']) . "\n\n";
+ $contents = "# Snort IPS Policy - " . ucfirst(trim(substr($file, strpos($file, "-")+1))) . "\n\n";
foreach (array_keys($rules_map) as $k1) {
foreach (array_keys($rules_map[$k1]) as $k2) {
$contents .= "# Category: " . $rules_map[$k1][$k2]['category'] . " SID: {$k2}\n";
@@ -90,7 +81,7 @@ if (substr($file, 0, 10) == "IPS Policy") {
unset($rules_map);
}
// Is it a SID to load the rule text from?
-elseif (isset($_GET['sid']) && is_numeric(trim($_GET['sid']))) {
+elseif (isset($_GET['sid']) && is_numericint($_GET['sid']) && isset($_GET['gid']) && is_numericint($_GET['gid'])) {
// If flowbit rule, point to interface-specific file
if ($file == "Auto-Flowbit Rules")
$rules_map = suricata_load_rules_map("{$suricatacfgdir}rules/" . FLOWBITS_FILENAME);
diff --git a/config/suricata/suricata_rules_flowbits.php b/config/suricata/suricata_rules_flowbits.php
index 53019894..d5629fae 100644
--- a/config/suricata/suricata_rules_flowbits.php
+++ b/config/suricata/suricata_rules_flowbits.php
@@ -43,8 +43,8 @@ $a_nat = &$config['installedpackages']['suricata']['rule'];
if (isset($_POST['id']))
$id = $_POST['id'];
-elseif (isset($_GET['id']))
- $id = $_GET['id'];
+elseif (isset($_GET['id']) && is_numericint($_GET['id']))
+ $id = htmlspecialchars($_GET['id']);
if (is_null($id)) {
header("Location: /suricata/suricata_interfaces.php");
@@ -283,7 +283,6 @@ if ($savemsg)
<td align="center" valign="middle">
<input id="cancel" name="cancel" type="submit" class="formbtn" <?php
echo "value=\"" . gettext("Return") . "\" title=\"" . gettext("Return to previous page") . "\""; ?>/>
- <input name="id" type="hidden" value="<?=$id;?>" />
</td>
</tr>
<?php endif; ?>