From c613223747934c62488bb55fb72138bec353ff61 Mon Sep 17 00:00:00 2001 From: bmeeks8 Date: Tue, 28 Jan 2014 16:01:01 -0500 Subject: Fix snort_rules_edit.php to address http://seclist.org/fulldisclosure/2014/Jan/187 --- config/snort/snort_rules_edit.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'config') diff --git a/config/snort/snort_rules_edit.php b/config/snort/snort_rules_edit.php index 28deccd5..61a9574a 100755 --- a/config/snort/snort_rules_edit.php +++ b/config/snort/snort_rules_edit.php @@ -115,8 +115,12 @@ elseif (file_exists("{$snortdir}/rules/{$file}")) elseif (file_exists("{$snortdir}/preproc_rules/{$file}")) $contents = file_get_contents("{$snortdir}/preproc_rules/{$file}"); // Is it a fully qualified path and file? -elseif (file_exists($file)) - $contents = file_get_contents($file); +elseif (file_exists($file)) { + if (substr(realpath($file), 0, strlen(SNORTLOGDIR)) != SNORTLOGDIR) + $contents = gettext("\n\nERROR -- File: {$file} can not be viewed!"); + else + $contents = file_get_contents($file); +} // It is not something we can display, so exit. else $input_errors[] = gettext("Unable to open file: {$displayfile}"); -- cgit v1.2.3