From c5e798b6ab8075711f687383225d2c94d1bf80ff Mon Sep 17 00:00:00 2001 From: doug Date: Fri, 3 Jun 2016 11:42:13 -0400 Subject: [PATCH] Issue 935: CapMe: improve input validation on stime and etime variables --- capme/.inc/callback.php | 6 +- capme/.inc/functions.php | 6 +- debian/changelog | 6 ++ ...ut-validation-on-stime-and-etime-variables | 70 +++++++++++++++++++ debian/patches/series | 1 + 5 files changed, 85 insertions(+), 4 deletions(-) create mode 100644 debian/patches/Issue-935:-CapMe:-improve-input-validation-on-stime-and-etime-variables diff --git a/capme/.inc/callback.php b/capme/.inc/callback.php index b39e57d..faae774 100644 --- a/capme/.inc/callback.php +++ b/capme/.inc/callback.php @@ -93,15 +93,17 @@ function cliscript($cmd, $pwd) { // Validate user input - start time // must be greater than 5 years ago and less than 5 years from today +$mintime=time() - 5 * 365 * 24 * 60 * 60; +$maxtime=time() + 5 * 365 * 24 * 60 * 60; $st_unix= $d[4]; -if (!( ($st_unix >= (time() - 5 * 365 * 24 * 60 * 60)) && ($st_unix <= time() + 5 * 365 * 24 * 60 * 60) )) { +if (filter_var($st_unix, FILTER_VALIDATE_INT, array("options" => array("min_range"=>$mintime, "max_range"=>$maxtime))) === false) { invalidCallback("Invalid start time."); } // Validate user input - end time // must be greater than 5 years ago and less than 5 years from today $et_unix= $d[5]; -if (!( ($et_unix >= (time() - 5 * 365 * 24 * 60 * 60)) && ($et_unix <= time() + 5 * 365 * 24 * 60 * 60) )) { +if (filter_var($et_unix, FILTER_VALIDATE_INT, array("options" => array("min_range"=>$mintime, "max_range"=>$maxtime))) === false) { invalidCallback("Invalid end time."); } diff --git a/capme/.inc/functions.php b/capme/.inc/functions.php index e12ffab..fd9aaea 100644 --- a/capme/.inc/functions.php +++ b/capme/.inc/functions.php @@ -82,8 +82,10 @@ function invalid($string) { // Validate user input - start time - stime // must be greater than 5 years ago and less than 5 years from today +$mintime=time() - 5 * 365 * 24 * 60 * 60; +$maxtime=time() + 5 * 365 * 24 * 60 * 60; if (isset($_REQUEST['stime'])) { - if (!( ($_REQUEST['stime'] >= (time() - 5 * 365 * 24 * 60 * 60)) && ($_REQUEST['stime'] <= time() + 5 * 365 * 24 * 60 * 60) )) { + if (filter_var($_REQUEST['stime'], FILTER_VALIDATE_INT, array("options" => array("min_range"=>$mintime, "max_range"=>$maxtime))) === false) { invalid("Invalid start time."); } else { $stime = $_REQUEST['stime']; $s++; @@ -94,7 +96,7 @@ function invalid($string) { // Validate user input - end time - etime // must be greater than 5 years ago and less than 5 years from today if (isset($_REQUEST['etime'])) { - if (!( ($_REQUEST['etime'] >= (time() - 5 * 365 * 24 * 60 * 60)) && ($_REQUEST['etime'] <= time() + 5 * 365 * 24 * 60 * 60) )) { + if (filter_var($_REQUEST['etime'], FILTER_VALIDATE_INT, array("options" => array("min_range"=>$mintime, "max_range"=>$maxtime))) === false) { invalid("Invalid end time."); } else { $etime = $_REQUEST['etime']; $s++; diff --git a/debian/changelog b/debian/changelog index 997fcb5..0f3d90f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +securityonion-capme (20121213-0ubuntu0securityonion58) trusty; urgency=medium + + * Issue 935: CapMe: improve input validation on stime and etime variables + + -- Doug Burks Fri, 03 Jun 2016 11:40:52 -0400 + securityonion-capme (20121213-0ubuntu0securityonion57) trusty; urgency=medium * Issue 934: CapMe: subdirectories should redirect to main page diff --git a/debian/patches/Issue-935:-CapMe:-improve-input-validation-on-stime-and-etime-variables b/debian/patches/Issue-935:-CapMe:-improve-input-validation-on-stime-and-etime-variables new file mode 100644 index 0000000..48bb85e --- /dev/null +++ b/debian/patches/Issue-935:-CapMe:-improve-input-validation-on-stime-and-etime-variables @@ -0,0 +1,70 @@ +Description: + TODO: Put a short summary on the line above and replace this paragraph + with a longer explanation of this change. Complete the meta-information + with other relevant fields (see below for details). To make it easier, the + information below has been extracted from the changelog. Adjust it or drop + it. + . + securityonion-capme (20121213-0ubuntu0securityonion58) trusty; urgency=medium + . + * Issue 935: CapMe: improve input validation on stime and etime variables +Author: Doug Burks + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: , +Bug: +Bug-Debian: http://bugs.debian.org/ +Bug-Ubuntu: https://launchpad.net/bugs/ +Forwarded: +Reviewed-By: +Last-Update: + +--- securityonion-capme-20121213.orig/capme/.inc/callback.php ++++ securityonion-capme-20121213/capme/.inc/callback.php +@@ -93,15 +93,17 @@ if (filter_var($dpt, FILTER_VALIDATE_INT + + // Validate user input - start time + // must be greater than 5 years ago and less than 5 years from today ++$mintime=time() - 5 * 365 * 24 * 60 * 60; ++$maxtime=time() + 5 * 365 * 24 * 60 * 60; + $st_unix= $d[4]; +-if (!( ($st_unix >= (time() - 5 * 365 * 24 * 60 * 60)) && ($st_unix <= time() + 5 * 365 * 24 * 60 * 60) )) { ++if (filter_var($st_unix, FILTER_VALIDATE_INT, array("options" => array("min_range"=>$mintime, "max_range"=>$maxtime))) === false) { + invalidCallback("Invalid start time."); + } + + // Validate user input - end time + // must be greater than 5 years ago and less than 5 years from today + $et_unix= $d[5]; +-if (!( ($et_unix >= (time() - 5 * 365 * 24 * 60 * 60)) && ($et_unix <= time() + 5 * 365 * 24 * 60 * 60) )) { ++if (filter_var($et_unix, FILTER_VALIDATE_INT, array("options" => array("min_range"=>$mintime, "max_range"=>$maxtime))) === false) { + invalidCallback("Invalid end time."); + } + +--- securityonion-capme-20121213.orig/capme/.inc/functions.php ++++ securityonion-capme-20121213/capme/.inc/functions.php +@@ -82,8 +82,10 @@ if (isset($_REQUEST['dpt'])) { + + // Validate user input - start time - stime + // must be greater than 5 years ago and less than 5 years from today ++$mintime=time() - 5 * 365 * 24 * 60 * 60; ++$maxtime=time() + 5 * 365 * 24 * 60 * 60; + if (isset($_REQUEST['stime'])) { +- if (!( ($_REQUEST['stime'] >= (time() - 5 * 365 * 24 * 60 * 60)) && ($_REQUEST['stime'] <= time() + 5 * 365 * 24 * 60 * 60) )) { ++ if (filter_var($_REQUEST['stime'], FILTER_VALIDATE_INT, array("options" => array("min_range"=>$mintime, "max_range"=>$maxtime))) === false) { + invalid("Invalid start time."); + } else { + $stime = $_REQUEST['stime']; $s++; +@@ -94,7 +96,7 @@ if (isset($_REQUEST['stime'])) { + // Validate user input - end time - etime + // must be greater than 5 years ago and less than 5 years from today + if (isset($_REQUEST['etime'])) { +- if (!( ($_REQUEST['etime'] >= (time() - 5 * 365 * 24 * 60 * 60)) && ($_REQUEST['etime'] <= time() + 5 * 365 * 24 * 60 * 60) )) { ++ if (filter_var($_REQUEST['etime'], FILTER_VALIDATE_INT, array("options" => array("min_range"=>$mintime, "max_range"=>$maxtime))) === false) { + invalid("Invalid end time."); + } else { + $etime = $_REQUEST['etime']; $s++; diff --git a/debian/patches/series b/debian/patches/series index 96ddb7f..28f43a0 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -45,3 +45,4 @@ handle-failed-pcap_agent-more-gracefully handle-failed-pcap_agent-more-gracefully-in-second-request CapMe:-Handle-pcaps-that-generate-no-p0f-output-#927 Issue-934:-CapMe:-subdirectories-should-redirect-to-main-page +Issue-935:-CapMe:-improve-input-validation-on-stime-and-etime-variables