Skip to content

Commit

Permalink
Apply validation to config items for update. Add extra error number f…
Browse files Browse the repository at this point in the history 
…or us in validation.
  • Loading branch information
@mark-unwin
mark-unwin committed Apr 23, 2020
1 parent 6cb9f1a commit d298b68
Show file tree
Hide file tree
Showing 3 changed files with 90 additions and 30 deletions.
4 changes: 3 additions & 1 deletion code_igniter/application/controllers/configuration.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,9 @@ public function read()
*/
public function update()
{
include 'include_update.php';
$this->m_configuration->update(intval($this->response->meta->id), $this->response->meta->received_data->attributes->value, $this->user->full_name);
$this->response->data = $this->m_configuration->read($this->response->meta->id);
output($this->response);
return;
}

Expand Down
8 changes: 8 additions & 0 deletions code_igniter/application/helpers/error_helper.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -403,6 +403,14 @@ function getErrors () {
$error_array['ERR-0043']->detail = "<strong>ERROR</strong> - Nmap <strong>must</strong> be installed. Please install it using your package manager. See <a target='_blank' href='https://community.opmantek.com/display/OA/Open-AudIT+and+Nmap'>https://community.opmantek.com/display/OA/Open-AudIT+and+Nmap</a> for information about why Open-AudIT requires Nmap and how to install it.";
}

$error_array['ERR-0044'] = new stdClass();
$error_array['ERR-0044']->code = 'ERR-0044';
$error_array['ERR-0044']->status = 'HTTP/1.1 400 Bad Request';
$error_array['ERR-0044']->severity = 5;
$error_array['ERR-0044']->severity_text = 'warning';
$error_array['ERR-0044']->title = 'Bad Configuration value supplied';
$error_array['ERR-0044']->detail = 'The configuration value supplied is invalid for this item.';

foreach ($error_array as $error_each) {
$temp = explode(' ', $error_each->status);
$error_each->status_code = intval($temp[1]);
Expand Down
108 changes: 79 additions & 29 deletions code_igniter/application/models/m_configuration.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,46 +124,96 @@ public function update($id = '', $value = '', $edited_by = '')
if ( ! empty($this->config->config['internal_version']) && $this->config->config['internal_version'] < 20160904) {
return;
}
$CI = & get_instance();
// We might just use the response->meta->id
if (empty($id) && ! empty($CI->response->meta->collection) && $CI->response->meta->collection === 'configuration') {
if ( ! empty($CI->response->meta->id)) {
$id = $CI->response->meta->id;
} else if ( ! empty($CI->response->meta->received_data->attributes->name)) {
$id = $CI->response->meta->received_data->attributes->name;
} else if ( ! empty($CI->response->meta->received_data->attributes->id)) {
$id = $CI->response->meta->received_data->attributes->id;
}
}

// We accept either an integer ID or a string NAME
if ( ! empty($id) && ! is_integer($id)) {
$sql = 'SELECT id FROM configuration WHERE name = ?';
$data = array((string)$id);
$result = $this->run_sql($sql, $data);
if ( ! empty($result[0]->id)) {
$id = $result[0]->id;
if ( ! empty($id)) {
if ( ! is_int($id)) {
$sql = 'SELECT * FROM `configuration` WHERE `name` = ?';
$data = array((string)$id);
$result = $this->run_sql($sql, $data);
$config_item = $result[0];
$id = @intval($config_item->id);
} else {
$id = '';
$sql = 'SELECT * FROM `configuration` WHERE `id` = ?';
$data = array($id);
$result = $this->run_sql($sql, $data);
$config_item = $result[0];
$id = @intval($config_item->id);
}
}

if (empty($id)) {
// We have nothing to ID the particular config item
log_error('ERR-0044', 'm_configuration::update', 'No ID or NAME supplied to update.');
return false;
}

if (empty($edited_by)) {
log_error('ERR-0044', 'm_configuration::update', 'No username supplied to update.');
return false;
}

if ($config_item->type === 'bool' && $value !== 'y' && $value !== 'n' && $value !== '') {
// invalid
log_error('ERR-0044', 'm_configuration::update', 'Value supplied must be either y or n.');
return false;
}

if ($config_item->type === 'number') {
if ( ! is_numeric($value) && ! is_int($value) && $value !== '') {
log_error('ERR-0044', 'm_configuration::update', 'Value supplied must be a number.');
return false;
} else {
if ( ! $value !== '') {
$value = intval($value);
}
}
}

if ($config_item->name === 'discovery_ip_exclude' && ! preg_match('/^[\d,\.,\/,-, ,\-]*$/', $value)) {
// invalid
log_error('ERR-0044', 'm_configuration::update', 'server_ip must be a valid IP address, range or subnet, separated by spaces or commas.');
return false;
}
// We can use the responsed received data if not explicitly provided a value
if (empty($value) && $CI->response->meta->collection === 'configuration') {
if (isset($CI->response->meta->received_data->attributes->value)) {
$value = $CI->response->meta->received_data->attributes->value;

if ($config_item->type === 'text' && $config_item->name !== 'modules' && $config_item->name !== 'servers') {
if (strpos($value, '"') !== false OR strpos($value, "'") !== false) {
// invalid
log_error('ERR-0044', 'm_configuration::update', 'URL value contains disallowed characters (quotes).');
return false;
}
}
if (empty($edited_by)) {
$edited_by = $this->user->full_name;

if ($config_item->name === 'modules' OR $config_item->name === 'servers') {
$test = @json_decode($value);
if (empty($test)) {
// invalid
log_error('ERR-0044', 'm_configuration::update', 'modules should be valid JSON.');
return false;
}
}
if ($this->db->dbdriver === 'mysql' OR $this->db->dbdriver === 'mysqli') {
$sql = 'UPDATE configuration SET value = ?, edited_by = ?, edited_date = NOW() WHERE id = ?';
} else if ($this->db->dbdriver === 'mssql') {
$sql = 'UPDATE [configuration] SET value = ?, edited_by = ?, edited_date = getdatetime2() WHERE id = ?';

if (strpos($config_item->name, 'url') !== false OR $config_item->name === 'default_network_address') {
if (strpos($value, '"') !== false OR strpos($value, "'") !== false OR strpos($value, '<') !== false OR strpos($value, '>') !== false) {
// invalid
log_error('ERR-0044', 'm_configuration::update', 'URL value contains disallowed characters.');
return false;
}
}

if ($config_item->name === 'server_ip' && ! preg_match('/^[\d,\.]*$/', $value)) {
// invalid
log_error('ERR-0044', 'm_configuration::update', 'server_ip must be a valid IP address.');
return false;
}

if ($config_item->name === 'oae_prompt' && ! preg_match('/^[\d,\-]*$/', $value)) {
// invalid
log_error('ERR-0044', 'm_configuration::update', 'oae_prompt should be a valid date of the form YYYY-MM-DD.');
return false;
}

$sql = 'UPDATE configuration SET value = ?, edited_by = ?, edited_date = NOW() WHERE id = ?';
$data = array((string)$value, (string)$edited_by, intval($id));
$this->run_sql($sql, $data);
return true;
Expand Down Expand Up @@ -391,7 +441,7 @@ public function collection($user_id = null, $response = null)

$filter = '';
$filter_response = array();
if (!empty($CI->response->meta->filter)) {
if ( ! empty($CI->response->meta->filter)) {
foreach ($CI->response->meta->filter as $filter) {
if ($filter->operator === 'in' OR $filter->operator === 'not in') {
$filter_response[] = ' ' . $filter->name . ' ' . $filter->operator . ' ' . $filter->value;
Expand Down

0 comments on commit d298b68

Please sign in to comment.