Skip to content
Permalink
Browse files Browse the repository at this point in the history
master: avoid an endless loop in HTML generation
Safeguard to avoid any bigger loop than 100 nested levels. It protects against
application bugs in the parsing code.

Thx Christoph Biedl (debian.axhn@manchmal.in-ulm.de) for noticing
and for providing a patch

Closes: C:CVE-2013-6048
  • Loading branch information
steveschnepp committed Oct 28, 2013
1 parent 1b34e46 commit 284d740
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions master/lib/Munin/Master/HTMLConfig.pm
Expand Up @@ -176,6 +176,7 @@ sub get_group_tree {
$shrinkpath;
$shrinkpath =~ s/^[^\/]+\/?//, $counter++)
{
die ("Munin::Master::HTMLConfig ran into an endless loop") if ($counter >= 100);
$childnode->{'url' . $counter} = $shrinkpath;
}

Expand Down Expand Up @@ -218,6 +219,7 @@ sub get_group_tree {
$shrinkpath =~ /\//;
$shrinkpath =~ s/^[^\/]+\/*//, $counter++
) {
die ("Munin::Master::HTMLConfig ran into an endless loop") if ($counter >= 100);
$obj->{'url' . $counter} = $shrinkpath;
}
push @$cats, $obj;
Expand Down Expand Up @@ -317,6 +319,7 @@ sub get_group_tree {
$shrinkpath =~ /\//;
$shrinkpath =~ s/^[^\/]+\/*//, $counter++
) {
die ("Munin::Master::HTMLConfig ran into an endless loop") if ($counter >= 100);
$ret->{'url' . $counter} = $shrinkpath;
}
}
Expand Down

0 comments on commit 284d740

Please sign in to comment.