New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Flaw in CGI mapfile loading makes it possible to bypass security controls. #6313
Labels
Comments
sdlime
added a commit
that referenced
this issue
Apr 30, 2021
…security controls (#6313) (#6314) * Create coverity-scan.yml * Update coverity-scan.yml * Avoid resource leak... (CID 1503409) * Revert "Avoid resource leak... (CID 1503409)" This reverts commit 7d261af. * Updated... * Limit action to MapServer/MapServer repo, run every Sunday (for now). * Always force map parameter values through validation checks. Add validation checks on environment variable names. * msIsValidRegex(): fix memleak Co-authored-by: Even Rouault <even.rouault@spatialys.com>
rouault
added a commit
to rouault/mapserver
that referenced
this issue
Apr 30, 2021
…security controls (MapServer#6313) (MapServer#6314) * Create coverity-scan.yml * Update coverity-scan.yml * Avoid resource leak... (CID 1503409) * Revert "Avoid resource leak... (CID 1503409)" This reverts commit 7d261af. * Updated... * Limit action to MapServer/MapServer repo, run every Sunday (for now). * Always force map parameter values through validation checks. Add validation checks on environment variable names. * msIsValidRegex(): fix memleak Co-authored-by: Even Rouault <even.rouault@spatialys.com>
sdlime
added a commit
that referenced
this issue
Apr 30, 2021
…security controls (#6313) (#6314) * Create coverity-scan.yml * Update coverity-scan.yml * Avoid resource leak... (CID 1503409) * Revert "Avoid resource leak... (CID 1503409)" This reverts commit 7d261af. * Updated... * Limit action to MapServer/MapServer repo, run every Sunday (for now). * Always force map parameter values through validation checks. Add validation checks on environment variable names. * msIsValidRegex(): fix memleak Co-authored-by: Even Rouault <even.rouault@spatialys.com>
sdlime
added a commit
that referenced
this issue
Apr 30, 2021
…security controls (#6313) (#6314) * Create coverity-scan.yml * Update coverity-scan.yml * Avoid resource leak... (CID 1503409) * Revert "Avoid resource leak... (CID 1503409)" This reverts commit 7d261af. * Updated... * Limit action to MapServer/MapServer repo, run every Sunday (for now). * Always force map parameter values through validation checks. Add validation checks on environment variable names. * msIsValidRegex(): fix memleak Co-authored-by: Even Rouault <even.rouault@spatialys.com>
sdlime
added a commit
that referenced
this issue
Apr 30, 2021
…security controls (#6313) (#6314) * Create coverity-scan.yml * Update coverity-scan.yml * Avoid resource leak... (CID 1503409) * Revert "Avoid resource leak... (CID 1503409)" This reverts commit 7d261af. * Updated... * Limit action to MapServer/MapServer repo, run every Sunday (for now). * Always force map parameter values through validation checks. Add validation checks on environment variable names. * msIsValidRegex(): fix memleak Co-authored-by: Even Rouault <even.rouault@spatialys.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
MapServer developers have identified a critical flaw in the logic associated with processing map parameter. It is possible to specify an arbitrary mapfile that bypasses the MS_MAP_NO_PATH and MS_MAP_PATTERN checks. This issue makes it difficult to easily limit where MapServer can load a mapfile from and applies to versions 4.10 and newer.
--Steve
CVE ID: CVE-2021-32062
The text was updated successfully, but these errors were encountered: