
Commit 57b7bf0

authored
Add better log filename validation.
This was needed after a previous pull request that allowed selecting a log file to download.
1 parent 0377b21 commit 57b7bf0

1 file changed

+47
-25
lines changed


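--- a/app/log_viewer/log_viewer.php
+++ b/app/log_viewer/log_viewer.php
@@ -17,7 +17,7 @@
 
 The Initial Developer of the Original Code is
 Mark J Crane <markjcrane@fusionpbx.com>
-Portions created by the Initial Developer are Copyright (C) 2008-2019
+Portions created by the Initial Developer are Copyright (C) 2008-2021
 the Initial Developer. All Rights Reserved.
 
 Contributor(s):
@@ -44,32 +44,57 @@
 $text = $language->get();
 
 //set a default line number value (off)
-if (!isset($_POST['line_number']) || $_POST['line_number'] == '') { $_POST['line_number'] = 0; }
+if (!isset($_POST['line_number']) || $_POST['line_number'] == '') {
+$_POST['line_number'] = 0;
+}
 
 //set a default ordinal (descending)
-if (!isset($_POST['sort']) || $_POST['sort'] == '') { $_POST['sort'] = "asc"; }
+if (!isset($_POST['sort']) || $_POST['sort'] == '') {
+$_POST['sort'] = "asc";
+}
 
 //set a default file size
-if (!isset($_POST['size']) || strlen($_POST['size']) == 0) { $_POST['size'] = "32"; }
+if (!isset($_POST['size']) || strlen($_POST['size']) == 0) {
+$_POST['size'] = "32";
+}
 
 //set a default filter
-if (!isset($_POST['filter'])) { $_POST['filter'] = ""; }
+if (!isset($_POST['filter'])) {
+$_POST['filter'] = '';
+}
 
 //set default default log file
-if (!isset($_POST['log_file']) || substr($_POST['log_file'],0,14) != "freeswitch.log") { $_POST['log_file'] = "freeswitch.log"; }
+if (isset($_POST['log_file'])) {
+$approved_files = glob($_SESSION['switch']['log']['dir'].'/freeswitch.log*');
+foreach($approved_files as $approved_file) {
+if ($approved_file == $_SESSION['switch']['log']['dir'].'/'.$_POST['log_file']) {
+$log_file = $approved_file;
+}
+}
+}
+else {
+$log_file = $_SESSION['switch']['log']['dir'].'/freeswitch.log';
+}
 
 //download the log
 if (permission_exists('log_download')) {
-if (isset($_GET['n']) && substr($_GET['n'],0,14) == "freeswitch.log") {
-$dir = $_SESSION['switch']['log']['dir'];
-$filename = $_GET['n'];
-session_cache_limiter('public');
-$fd = fopen($dir."/".$filename, "rb");
-header("Content-Type: binary/octet-stream");
-header("Content-Length: " . filesize($tmp."/".$filename));
-header('Content-Disposition: attachment; filename="'.$filename.'"');
-fpassthru($fd);
-exit;
+if (isset($_GET['n'])) {
+if (isset($filename)) { unset($filename); }
+$approved_files = glob($_SESSION['switch']['log']['dir'].'/freeswitch.log*');
+foreach($approved_files as $approved_file) {
+if ($approved_file == $_SESSION['switch']['log']['dir'].'/'.$_GET['n']) {
+$filename = $approved_file;
+}
+}
+if (isset($filename) && file_exists($filename)) {
+session_cache_limiter('public');
+$fd = fopen($filename, "rb");
+header("Content-Type: binary/octet-stream");
+header("Content-Length: " . filesize($filename));
+header('Content-Disposition: attachment; filename="'.basename($filename).'"');
+fpassthru($fd);
+exit;
+}
 }
 }
 
@@ -83,10 +108,10 @@
 echo " <div class='actions'>\n";
 echo "<form name='frm' id='frm' class='inline' method='post'>\n";
 echo " ".$text['label-log_file']." <select name='log_file' class='formfld' style='width: 150px; margin-right: 20px;'>";
-$files = scandir($_SESSION['switch']['log']['dir']);
-foreach($files as $file) if (substr($file,0,14) == "freeswitch.log") {
-$selected = ($file == $_POST['log_file']) ? "selected='selected'" : "";
-echo " <option value='".$file."'".$selected.">".$file."</option>";
+$files = glob($_SESSION['switch']['log']['dir'].'/freeswitch.log*');
+foreach($files as $file) {
+$selected = ($file == $log_file) ? "selected='selected'" : "";
+echo " <option value='".basename($file)."'".$selected.">".basename($file)."</option>";
 }
 echo " </select>\n";
 echo $text['label-filter']." <input type='text' name='filter' class='formfld' style='width: 150px; text-align: center; margin-right: 20px;' value=\"".escape($_POST['filter'])."\" onclick='this.select();'>";
@@ -95,7 +120,7 @@
 echo $text['label-display']." <input type='text' class='formfld' style='width: 50px; text-align: center;' name='size' value=\"".escape($_POST['size'])."\" onclick='this.select();'> ".$text['label-size'];
 echo button::create(['type'=>'submit','label'=>$text['button-update'],'icon'=>$_SESSION['theme']['button_icon_save'],'style'=>'margin-left: 15px;','name'=>'submit']);
 if (permission_exists('log_download')) {
-echo button::create(['type'=>'button','label'=>$text['button-download'],'icon'=>$_SESSION['theme']['button_icon_download'],'style'=>'margin-left: 15px;','link'=>'log_viewer.php?a=download&n='.$_POST['log_file']]);
+echo button::create(['type'=>'button','label'=>$text['button-download'],'icon'=>$_SESSION['theme']['button_icon_download'],'style'=>'margin-left: 15px;','link'=>'log_viewer.php?a=download&n='.basename($log_file)]);
 }
 echo "</form>\n";
 echo " </div>\n";
@@ -115,9 +140,6 @@
 $default_type = 'normal';
 $default_font = 'monospace';
 $default_file_size = '512000';
-if (substr($_POST['log_file'],0,14) == "freeswitch.log") {
-$log_file = $_SESSION['switch']['log']['dir']."/".$_POST['log_file'];
-}
 
 //put the color matches here...
 $array_filter[0]['pattern'] = '[NOTICE]';
@@ -296,4 +318,4 @@
 //include the footer
 require_once "resources/footer.php";
 
-?>
+?>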
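Review bot: When `$_POST['log_file']` is set but matches none of the globbed files (new lines 67-74 of the second hunk), `$log_file` is never assigned, so the `$file == $log_file` comparison at new line 113 and `basename($log_file)` at new line 123 read an undefined variable and the download link degrades to `n=`; the removed code fell back to freeswitch.log in that case. Assigning the default before the check and dropping the `else` restores that behaviour: `$log_file = $_SESSION['switch']['log']['dir'].'/freeswitch.log';` placed immediately before `if (isset($_POST['log_file'])) {`. The same approved-file loop is repeated at new lines 83-88 for `$_GET['n']`; both compare with a loose `==` where a strict `===` (or `in_array($dir.'/'.$name, $approved_files, true)`) states the intent more clearly, and `glob()` can return `false` on failure, which `foreach` would warn on, so `glob(...) ?: []` is worth adding in all three places it is called.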
