pfBlockerNG log download validation. Fixes #9846
Submitted By: BBcan177

(cherry picked from commit 38be8c3)
jim-p committed Oct 25, 2019
1 parent fff4cf8 commit b7281ff
Showing 4 changed files with 53 additions and 5 deletions.
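--- a/net/pfSense-pkg-pfBlockerNG-devel/Makefile
+++ b/net/pfSense-pkg-pfBlockerNG-devel/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME= pfSense-pkg-pfBlockerNG-devel
 PORTVERSION= 2.2.5
-PORTREVISION= 25
+PORTREVISION= 26
 CATEGORIES= net
 MASTER_SITES= # empty
 DISTFILES= # empty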
Expand Up @@ -192,6 +192,22 @@ function pfb_htmlspecialchars($line) {
return htmlspecialchars($line, ENT_NOQUOTES);
}

// Function to validate file/path
function pfb_validate_filepath($validate, $pfb_logtypes) {

$allowed_path = array();
foreach ($pfb_logtypes as $type) {
$allowed_path[$type['logdir']] = '';
}

$path = pathinfo($validate, PATHINFO_DIRNAME) . '/';
$file = basename($validate);

if ($path == '/var/unbound/' && $file != 'pfb_dnsbl.conf') {
return FALSE;
}
return isset($allowed_path[$path]);
}

$pconfig = array();
if ($_POST) {
Expand All @@ -202,6 +218,10 @@ function pfb_htmlspecialchars($line) {
if ($_REQUEST['ajax']) {
clearstatcache();
$pfb_logfilename = htmlspecialchars($_REQUEST['file']);
if (!pfb_validate_filepath($pfb_logfilename, $pfb_logtypes)) {
print ("|0|" . gettext('Invalid filename/path') . ".|");
exit;
}

// Load log
if ($_REQUEST['action'] == 'load') {
Expand All @@ -222,7 +242,11 @@ function pfb_htmlspecialchars($line) {

// Download/Clear logfile
if ($pconfig['logFile'] && ($pconfig['download'] || $pconfig['clear'])) {
$s_logfile = $pconfig['logFile'];
$s_logfile = htmlspecialchars($pconfig['logFile']);
if (!pfb_validate_filepath($s_logfile, $pfb_logtypes)) {
print ("|0|" . gettext('Invalid filename/path') . ".|");
exit;
}

// Clear selected file
if ($pconfig['clear']) {
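Review bot: pfb_validate_filepath (the whole function sits inside the first hunk of this file) decides on a lexical dirname/basename split of the string as typed, never on the file that will actually be opened, so a `.` or `..` basename under an allowed directory still produces an allowed `$path`, and a symlinked logdir would never match. Resolving the candidate with realpath() first, and comparing against realpath() of each configured logdir, makes the decision about the real target; realpath() returning FALSE for a non-existent path is an acceptable rejection here assuming every action (load/download/clear) operates on an existing file. The match also silently depends on every `$type['logdir']` ending in `/`, since `$path` is always built with a trailing slash — normalize the allow-list side rather than rely on the config format, and use `===`/`!==` for the string comparisons. The same function is duplicated verbatim in net/pfSense-pkg-pfBlockerNG's copy of this commit below and needs the identical change.
```php
function pfb_validate_filepath($validate, $pfb_logtypes) {

	$allowed_path = array();
	foreach ($pfb_logtypes as $type) {
		// Canonicalize the allow-list too so a symlinked logdir still matches
		$logdir = realpath($type['logdir']);
		if ($logdir !== FALSE) {
			$allowed_path[rtrim($logdir, '/') . '/'] = '';
		}
	}

	// Decide on the resolved target, not on the string as typed
	$real = realpath($validate);
	if ($real === FALSE) {
		return FALSE;
	}
	$path = pathinfo($real, PATHINFO_DIRNAME) . '/';
	$file = basename($real);

	if ($path === '/var/unbound/' && $file !== 'pfb_dnsbl.conf') {
		return FALSE;
	}
	return isset($allowed_path[$path]);
}
```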
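--- a/net/pfSense-pkg-pfBlockerNG/Makefile
+++ b/net/pfSense-pkg-pfBlockerNG/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME= pfSense-pkg-pfBlockerNG
 PORTVERSION= 2.1.4
-PORTREVISION= 17
+PORTREVISION= 18
 CATEGORIES= net
 MASTER_SITES= # empty
 DISTFILES= # empty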
Expand Up @@ -4,7 +4,7 @@
*
* part of pfSense (https://www.pfsense.org)
* Copyright (c) 2016 Rubicon Communications, LLC (Netgate)
* Copyright (c) 2015-2016 BBcan177@gmail.com
* Copyright (c) 2015-2019 BBcan177@gmail.com
* All rights reserved.
*
* Portions of this code are based on original work done for the
Expand Down Expand Up @@ -165,6 +165,22 @@ function pfb_htmlspecialchars($line) {
return htmlspecialchars($line, ENT_NOQUOTES);
}

// Function to validate file/path
function pfb_validate_filepath($validate, $pfb_logtypes) {

$allowed_path = array();
foreach ($pfb_logtypes as $type) {
$allowed_path[$type['logdir']] = '';
}

$path = pathinfo($validate, PATHINFO_DIRNAME) . '/';
$file = basename($validate);

if ($path == '/var/unbound/' && $file != 'pfb_dnsbl.conf') {
return FALSE;
}
return isset($allowed_path[$path]);
}

$pconfig = array();
if ($_POST) {
Expand All @@ -175,6 +191,10 @@ function pfb_htmlspecialchars($line) {
if ($_REQUEST['ajax']) {
clearstatcache();
$pfb_logfilename = htmlspecialchars($_REQUEST['file']);
if (!pfb_validate_filepath($pfb_logfilename, $pfb_logtypes)) {
print ("|0|" . gettext('Invalid filename/path') . ".|");
exit;
}

// Load log
if ($_REQUEST['action'] == 'load') {
Expand All @@ -195,7 +215,11 @@ function pfb_htmlspecialchars($line) {

// Download/Clear logfile
if ($pconfig['logFile'] && ($pconfig['download'] || $pconfig['clear'])) {
$s_logfile = $pconfig['logFile'];
$s_logfile = htmlspecialchars($pconfig['logFile']);
if (!pfb_validate_filepath($s_logfile, $pfb_logtypes)) {
print ("|0|" . gettext('Invalid filename/path') . ".|");
exit;
}

// Clear selected file
if ($pconfig['clear']) {
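Review bot: The new `$s_logfile = htmlspecialchars($pconfig['logFile']);` in the download/clear hunk validates an HTML-escaped copy of the filename rather than the raw value, and — if the download/clear code that follows outside this hunk keeps using `$s_logfile` — hands that escaped string to the filesystem as well; output encoding and path validation are separate concerns and should not share a variable. Validate the raw `$pconfig['logFile']` with pfb_validate_filepath() and apply htmlspecialchars() only where the name is echoed back to the page, e.g. `$s_logfile = $pconfig['logFile'];` followed by the existing validation call. The ajax branch does the same with `$pfb_logfilename`, though that line predates this commit. The devel package's copy of these hunks above uses the same ordering.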
