From 7aac4188282948ac508a1fa3b625dbf514e9d0e4 Mon Sep 17 00:00:00 2001
From: PiBa-NL
Date: Thu, 2 Oct 2014 21:41:50 +0200
Subject: spamd, -fix 'add spamtrap' -use exec() instead of exploding output of directly invoking a shell command
---
 config/spamd/spamd_db.php | 54 ++++++++++++++++++++++-------------------------
 1 file changed, 25 insertions(+), 29 deletions(-)
diff --git a/config/spamd/spamd_db.php b/config/spamd/spamd_db.php
index b2c4c476..e1d004f7 100644
--- a/config/spamd/spamd_db.php
+++ b/config/spamd/spamd_db.php
@@ -43,6 +43,13 @@ if($_POST['limit'])
 else
 $limit = "25";
 
+if($_GET['spamtrapemail'])
+$spamtrapemail = $_GET['spamtrapemail'];
+if($_POST['spamtrapemail'])
+$spamtrapemail = $_POST['spamtrapemail'];
+if ($spamtrapemail)
+$spamtrapemailarg = escapeshellarg($spamtrapemail);
+
 /* handle AJAX operations */
 if($_GET['action'] or $_POST['action']) {
 /* echo back buttonid so it can be turned
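Review bot: The added `$spamtrapemail` is only run through `escapeshellarg()` before it becomes a `spamdb` key; nothing checks that the submitted value is an e-mail address, so arbitrary strings from the request end up in the trap database. Validate it where the argument is built, e.g. change the guard to `if ($spamtrapemail && filter_var($spamtrapemail, FILTER_VALIDATE_EMAIL) !== false)` and otherwise reset `$spamtrapemail` to `""` so the later `<> ""` checks in this file do not fire. When both `$_GET` and `$_POST` carry the parameter the POST value silently wins; a comment such as `// POST overrides GET when both are present` would record that as intended. Note that `$spamtrapemailarg` stays undefined when no address is sent, which the `exec()` calls later in this patch do not check.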
@@ -50,60 +57,52 @@ if($_GET['action'] or $_POST['action']) {
 */
 echo $_GET['buttonid'] . "|";
 if($_GET['action'])
-$action = escapeshellarg($_GET['action']);
+$action = $_GET['action'];
 if($_POST['action'])
-$action = escapeshellarg($_POST['action']);
+$action = $_POST['action'];
 if($_GET['srcip'])
 $srcip = $_GET['srcip'];
 if($_POST['srcip'])
 $srcip = $_POST['srcip'];
-if($_GET['spamtrapemail'])
-$spamtrapemail = escapeshellarg($_GET['spamtrapemail']);
-if($_POST['spamtrapemail'])
-$spamtrapemail = escapeshellarg($_POST['spamtrapemail']);
 $srcip = str_replace("<","",$srcip);
 $srcip = str_replace(">","",$srcip);
 $srcip = str_replace(" ","",$srcip);
 // Make input safe
 $srcip = escapeshellarg($srcip);
 /* execute spamdb command */
-if($action == "'whitelist'") {
+if($action == "whitelist") {
 exec("/usr/local/sbin/spamdb -d {$srcip} -T");
 exec("/usr/local/sbin/spamdb -d {$srcip} -t");
 delete_from_blacklist($srcip);
 mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt");
 exec("echo spamdb -a {$srcip} > /tmp/tmp");
 exec("/usr/local/sbin/spamdb -a {$srcip}");
-} else if($action == "'delete'") {
+} else if($action == "delete") {
 exec("/usr/local/sbin/spamdb -d {$srcip}");
 exec("/usr/local/sbin/spamdb -d {$srcip} -T");
 exec("/usr/local/sbin/spamdb -d {$srcip} -t");
 delete_from_blacklist($srcip);
 mwexec("/sbin/pfctl -q -t spamd -T delete $srcip");
 mwexec("/sbin/pfctl -q -t blacklist -T replace -f /var/db/blacklist.txt");
-} else if($action == "'trapped'") {
+} else if($action == "trapped") {
 exec("/usr/local/sbin/spamdb -d {$srcip}");
 exec("/usr/local/sbin/spamdb -d {$srcip}");
 exec("/usr/local/sbin/spamdb -d -t {$srcip}");
 exec("/usr/local/sbin/spamdb -a -t {$srcip}");
-} else if($action == "'spamtrap'") {
-exec("/usr/local/sbin/spamdb -a -T {$spamtrapemail}");
+} else if($action == "spamtrap") {
+exec("/usr/local/sbin/spamdb -a -T {$spamtrapemailarg}");
 }
 /* signal a reload for real time effect.
 */
 mwexec("killall -HUP spamlogd");
 exit;
 }
 
-/* spam trap e-mail address */
-if($_POST['spamtrapemail'] <> "") {
-$spamtrapemail = escapeshellarg($_POST['spamtrapemail']);
-exec("/usr/local/sbin/spamdb -d {$spamtrapemail}");
-exec("/usr/local/sbin/spamdb -d -T {$spamtrapemail}");
-exec("/usr/local/sbin/spamdb -d -t {$spamtrapemail}");
-exec("/usr/local/sbin/spamdb -T -a '{$toaddress}'");
+/* spam trap e-mail address */
+if($spamtrapemail <> "") {
+exec("spamdb -T -a {$spamtrapemailarg}");
 mwexec("killall -HUP spamlogd");
-$savemsg = htmlentities($_POST['spamtrapemail']) . " added to spam trap database.";
+$savemsg = htmlentities($spamtrapemail) . " added to spam trap database.";
 }
 
 if($_GET['getstatus'] <> "") {
@@ -124,8 +123,7 @@ if($_GET['getstatus'] <> "") {
 
 /* spam trap e-mail address */
 if($_GET['spamtrapemail'] <> "") {
-$spamtrapemail = escapeshellarg($_GET['spamtrapemail']);
-$status = exec("spamdb -T -a {$spamtrapemail}");
+$status = exec("spamdb -T -a {$spamtrapemailarg}");
 mwexec("killall -HUP spamlogd");
 if($status)
 echo $status;
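Review bot: The `spamtrap` branch runs `exec("/usr/local/sbin/spamdb -a -T {$spamtrapemailarg}")` even when no address was submitted, because the first hunk assigns `$spamtrapemailarg` only when `$spamtrapemail` is non-empty, so the command is executed with no key at all; guard it with `} else if($action == "spamtrap" && !empty($spamtrapemailarg)) {`. The rewritten non-AJAX block invokes `spamdb` without a path, unlike every other call in this file, which uses `/usr/local/sbin/spamdb`; prefer `exec("/usr/local/sbin/spamdb -T -a {$spamtrapemailarg}");` (the `getstatus` hunk that follows has the same bare `spamdb`). That block also switched from `$_POST['spamtrapemail']` to `$spamtrapemail`, which the first hunk now fills from `$_GET` as well, so a plain GET request now modifies the trap database and signals spamlogd; if that is not intended, keep this block keyed on `$_POST` as before. The AJAX `if($_GET['action'] or $_POST['action'])` block that the first part of this hunk sits in opens outside the hunk.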
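Review bot: The guard tests `$_GET['spamtrapemail']` but the command is built from `$spamtrapemailarg`, which the first hunk derives from `$_POST['spamtrapemail']` whenever that is set, so on a request carrying both the address checked and the address passed to `spamdb -T -a` can differ; test the value the argument came from instead, `if($spamtrapemail <> "") {`. A GET request with `spamtrapemail` also appears to pass through the top-level `if($spamtrapemail <> "")` block rewritten earlier in this patch before it reaches this one, which would add the address and signal spamlogd twice; worth confirming against the code between the two hunks, which is not shown. The block enclosing these lines opens and closes outside this hunk.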
@@ -329,25 +327,23 @@ if (typeof getURL == 'undefined') {
 if($filter) {
 if($not) {
 $fd = fopen("/tmp/spamdb", "w");
-$cmd = "/usr/local/sbin/spamdb | grep -v \"" . escapeshellarg($filter) . "\" | tail -n {$limit}";
+$cmd = "/usr/local/sbin/spamdb | grep -v " . escapeshellarg($filter) . " | tail -n {$limit}";
 fwrite($fd, $cmd);
 fclose($fd);
-$pkgdb = explode("\n", `$cmd`);
+exec($cmd, $pkgdb);
 if(file_exists("/var/db/blacklist.txt")) {
 $cmd = "cat /var/db/blacklist.txt | grep -v \"" . escapeshellarg($filter) . "\" ";
-$pkgdba = explode("\n", `$cmd`);
+exec($cmd, $pkgdba);
 foreach($pkgdba as $pkg) {
 $pkgdb[] = "TRAPPED|{$pkg}|1149324397";
 }
 }
 } else {
-$cmd = "/usr/local/sbin/spamdb | grep " . escapeshellarg($filter) . " | tail -n {$limit}";
-
-$pkgdb = explode("\n", `$cmd`);
+exec($cmd, $pkgdb);
 if(file_exists("/var/db/blacklist.txt")) {
 $cmd = "cat /var/db/blacklist.txt | grep " . escapeshellarg($filter);
-$pkgdba = explode("\n", `$cmd`);
+exec($cmd, $pkgdba);
 foreach($pkgdba as $pkg) {
 $pkgdb[] = "TRAPPED|{$pkg}|1149324397";
 }
@@ -355,7 +351,7 @@ if (typeof getURL == 'undefined') {
 }
 }
 } else {
-$pkgdb = explode("\n", `/usr/local/sbin/spamdb | tail -n {$limit}`);
+exec("/usr/local/sbin/spamdb | tail -n {$limit}", $pkgdb);
 }
 $rows = 0;
 $lastseenip = "";
-- 
cgit v1.2.3
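Review bot: In the `else` branch of `if($not)` the commit deletes the line that built `$cmd` but keeps `exec($cmd, $pkgdb);`, so the non-negated filter now calls `exec()` with a `$cmd` that nothing in this branch sets and the listing comes back empty; restore `$cmd = "/usr/local/sbin/spamdb | grep " . escapeshellarg($filter) . " | tail -n {$limit}";` before that `exec()`. `$limit` is interpolated unescaped into every `tail -n {$limit}` command here and in the following hunk, and the first hunk's context suggests it comes straight from `$_POST['limit']` (that assignment is not shown); coerce it first, `$limit = (int)$limit;`, or pass it through `escapeshellarg()` the way `$filter` is. The unchanged blacklist line in the `$not` branch still wraps `escapeshellarg($filter)` in literal double quotes, the very thing the first changed line of this hunk removes, so grep receives the single quotes as part of its pattern; drop the `\"` there too. The `if($filter)` block closes outside this hunk.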