Fixed netflow command injection vulnerability

Luis Calvo 2019-12-03 13:58:14 +01:00
parent 80d5eea467
commit 22cd129f71


@ -890,7 +890,7 @@ function netflow_get_command($filter)
} }
// Filter options. // Filter options.
$command .= netflow_get_filter_arguments($filter); $command .= ' '.netflow_get_filter_arguments($filter);
return $command; return $command;
} }
@ -909,16 +909,14 @@ function netflow_get_filter_arguments($filter)
$filter_args = ''; $filter_args = '';
if ($filter['advanced_filter'] != '') { if ($filter['advanced_filter'] != '') {
$filter_args = preg_replace('/["\r\n]/', '', io_safe_output($filter['advanced_filter'])); $filter_args = preg_replace('/["\r\n]/', '', io_safe_output($filter['advanced_filter']));
return ' "('.$filter_args.')"'; } else {
}
if ($filter['router_ip'] != '') { if ($filter['router_ip'] != '') {
$filter_args .= ' "(router ip '.$filter['router_ip'].')'; $filter_args .= ' (router ip '.$filter['router_ip'].')';
} }
// Normal filter. // Normal filter.
if ($filter['ip_dst'] != '') { if ($filter['ip_dst'] != '') {
$filter_args .= ' "('; $filter_args .= ' (';
$val_ipdst = explode(',', io_safe_output($filter['ip_dst'])); $val_ipdst = explode(',', io_safe_output($filter['ip_dst']));
for ($i = 0; $i < count($val_ipdst); $i++) { for ($i = 0; $i < count($val_ipdst); $i++) {
if ($i > 0) { if ($i > 0) {
@ -937,7 +935,7 @@ function netflow_get_filter_arguments($filter)
if ($filter['ip_src'] != '') { if ($filter['ip_src'] != '') {
if ($filter_args == '') { if ($filter_args == '') {
$filter_args .= ' "('; $filter_args .= ' (';
} else { } else {
$filter_args .= ' and ('; $filter_args .= ' and (';
} }
@ -960,7 +958,7 @@ function netflow_get_filter_arguments($filter)
if ($filter['dst_port'] != '') { if ($filter['dst_port'] != '') {
if ($filter_args == '') { if ($filter_args == '') {
$filter_args .= ' "('; $filter_args .= ' (';
} else { } else {
$filter_args .= ' and ('; $filter_args .= ' and (';
} }
@ -979,7 +977,7 @@ function netflow_get_filter_arguments($filter)
if ($filter['src_port'] != '') { if ($filter['src_port'] != '') {
if ($filter_args == '') { if ($filter_args == '') {
$filter_args .= ' "('; $filter_args .= ' (';
} else { } else {
$filter_args .= ' and ('; $filter_args .= ' and (';
} }
@ -998,7 +996,7 @@ function netflow_get_filter_arguments($filter)
if (isset($filter['proto']) && $filter['proto'] != '') { if (isset($filter['proto']) && $filter['proto'] != '') {
if ($filter_args == '') { if ($filter_args == '') {
$filter_args .= ' "('; $filter_args .= ' (';
} else { } else {
$filter_args .= ' and ('; $filter_args .= ' and (';
} }
@ -1014,9 +1012,10 @@ function netflow_get_filter_arguments($filter)
$filter_args .= ')'; $filter_args .= ')';
} }
}
if ($filter_args != '') { if ($filter_args != '') {
$filter_args .= '"'; $filter_args = escapeshellarg($filter_args);
} }
return $filter_args; return $filter_args;
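Review bot: The per-field values in the new else branch (`router_ip` on the `(router ip ...)` line, and the `ip_dst`/`ip_src`/`dst_port`/`src_port`/`proto` blocks) are still concatenated without any format check, so the `escapeshellarg()` added before the return neutralises shell metacharacters but not arbitrary nfdump filter syntax smuggled through a field that is supposed to hold only an address or a port number. A cheap defence-in-depth guard at each concatenation would be `if ($filter['router_ip'] != '' && filter_var($filter['router_ip'], FILTER_VALIDATE_IP) !== false)` for the IP fields (applied to every element of the exploded comma lists) and `ctype_digit()` for the port fields, so a bad value is rejected instead of silently passed through. Note also that `escapeshellarg()` is locale-sensitive (it can drop bytes that are invalid in the current locale) and on Windows replaces `"` and `%` with spaces, so the decoded `advanced_filter` text may be altered silently; a comment at the escape site such as `// Entire nfdump filter is passed as ONE quoted shell argument; escapeshellarg() is locale-sensitive.` would make that contract visible. The fix only holds if the rest of `$command` is built from constants or equally escaped pieces — the head of `netflow_get_command()` and the final lines of `netflow_get_filter_arguments()` are outside the hunks shown.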