Clean up code and prevent HTML attacks on untrusted inputs
jcameron committed Oct 30, 2022
1 parent 13db341 commit d3d33af
Showing 1 changed file with 12 additions and 18 deletions.
30 changes: 12 additions & 18 deletions xterm/index.cgi
Expand Up @@ -171,32 +171,26 @@ $miniserv{'websockets_'.$wspath} = "host=127.0.0.1 port=$port wspath=/ user=$rem
&unlock_file(&get_miniserv_config_file());
&reload_miniserv();

# Launch the shell server on that port
&foreign_require("cron");
my $shellserver_cmd = "$module_config_directory/shellserver.pl";
if (!-r $shellserver_cmd) {
&cron::create_wrapper($shellserver_cmd, $module_name, "shellserver.pl");
}
# Check permissions for user to run as
my $user = $access{'user'};
if ($user eq "*") {
$user = $remote_user;
}

# Switch to given user
if ($user eq "root") {
my $username = $in{'user'};
if ($username) {
my @uinfo = getpwnam($username);
if (@uinfo) {
$user = $username;
}
else {
&error(&text('index_euser', $username));
}
}
if ($user eq "root" && $in{'user'}) {
defined(getpwnam($in{'user'})) ||
&error(&text('index_euser', &html_escape($in{'user'})));
$user = $in{'user'};
}

defined(getpwnam($user)) || &error(&text('index_euser', $user));
# Launch the shell server on the allocated port
&foreign_require("cron");
my $shellserver_cmd = "$module_config_directory/shellserver.pl";
if (!-r $shellserver_cmd) {
&cron::create_wrapper($shellserver_cmd, $module_name, "shellserver.pl");
}
defined(getpwnam($user)) || &error(&text('index_euser', &html_escape($user)));
my $tmpdir = &tempname_dir();
$ENV{'SESSION_ID'} = $main::session_id;
&system_logged("$shellserver_cmd $port $user >$tmpdir/ws-$port.out 2>&1 </dev/null");
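Review bot: The new `$user = $in{'user'};` assignment still lets a request-supplied name reach the shell command string in the unchanged `&system_logged("$shellserver_cmd $port $user >$tmpdir/ws-$port.out 2>&1 </dev/null")` at the end of the hunk, and the only check on it is `defined(getpwnam(...))`, which confirms the account exists but says nothing about which characters the name contains. The escaping added by this commit covers the HTML error path only; the command path presumably goes through a shell (the redirections need one), so it relies entirely on the host's account-naming policy. A small defensive step in the file's style would be to apply a deployment-appropriate anchored allow-list before the assignment, e.g. `$in{'user'} =~ /^[A-Za-z0-9_.\-]+$/ || &error(&text('index_euser', &html_escape($in{'user'})));`, or to interpolate `quotemeta($user)` into the command instead of `$user`. The duplicate `getpwnam($user)` check after the shell-server block is harmless but could carry a one-line comment such as `# re-check: $user may still be $access{'user'} or $remote_user` so the next reader does not remove it as redundant. The script continues beyond both ends of this hunk.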
