diff options
| author | Wesley Shields <wxs@FreeBSD.org> | 2009-07-14 12:55:38 +0000 |
|---|---|---|
| committer | Wesley Shields <wxs@FreeBSD.org> | 2009-07-14 12:55:38 +0000 |
| commit | ab83431b95a3064a3c84b9afe79b2b308ed661de (patch) | |
| tree | 50e6c8d49cf387b794b736d2b597c7285556d927 /net-mgmt | |
| parent | - Address command injection vulnerability (diff) | |
- Address command injection vulnerability
Submitted by: Jarrod Sayers <jarrod@netleader.com.au> (private mail)
Security: 3ebd4cb5-657f-11de-883a-00e0815b8da8
Notes
Notes:
svn path=/head/; revision=237776
Diffstat (limited to 'net-mgmt')
| -rw-r--r-- | net-mgmt/nagios2/Makefile | 2 | ||||
| -rw-r--r-- | net-mgmt/nagios2/files/patch-cgi-statuswml.c | 53 |
2 files changed, 54 insertions, 1 deletions
diff --git a/net-mgmt/nagios2/Makefile b/net-mgmt/nagios2/Makefile index 1a29533ee17a..9fa9d824f634 100644 --- a/net-mgmt/nagios2/Makefile +++ b/net-mgmt/nagios2/Makefile @@ -7,7 +7,7 @@ PORTNAME= nagios PORTVERSION= 2.12 -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= net-mgmt MASTER_SITES= SF diff --git a/net-mgmt/nagios2/files/patch-cgi-statuswml.c b/net-mgmt/nagios2/files/patch-cgi-statuswml.c new file mode 100644 index 000000000000..7e6bf8f3ec20 --- /dev/null +++ b/net-mgmt/nagios2/files/patch-cgi-statuswml.c @@ -0,0 +1,53 @@ +--- cgi/statuswml.c.orig 2008-05-20 02:34:38.000000000 +0930 ++++ cgi/statuswml.c 2009-07-09 19:59:49.000000000 +0930 +@@ -66,6 +66,8 @@ + void document_header(void); + void document_footer(void); + int process_cgivars(void); ++int validate_arguments(void); ++int is_valid_hostip(char *hostip); + + int display_type=DISPLAY_INDEX; + int hostgroup_style=DISPLAY_HOSTGROUP_SUMMARY; +@@ -107,6 +109,13 @@ + + document_header(); + ++ /* validate arguments in URL */ ++ result=validate_arguments(); ++ if(result==ERROR){ ++ document_footer(); ++ return ERROR; ++ } ++ + /* read the CGI configuration file */ + result=read_cgi_config_file(get_cgi_config_location()); + if(result==ERROR){ +@@ -349,6 +358,27 @@ + } + + ++int validate_arguments(void){ ++ int result=OK; ++ if((strcmp(ping_address,"")) && !is_valid_hostip(ping_address)) { ++ printf("<p>Invalid host name/ip</p>\n"); ++ result=ERROR; ++ } ++ if(strcmp(traceroute_address,"") && !is_valid_hostip(traceroute_address)){ ++ printf("<p>Invalid host name/ip</p>\n"); ++ result=ERROR; ++ } ++ return result; ++ } ++ ++int is_valid_hostip(char *hostip) { ++ char *valid_domain_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-"; ++ if(strcmp(hostip,"") && strlen(hostip)==strspn(hostip,valid_domain_chars) && hostip[0] != '-' && hostip[strlen(hostip)-1] != '-') ++ return TRUE; ++ return FALSE; ++ } ++ ++ + + /* main intro screen */ + void display_index(void){ |