From ddc46c077ffde52f8837afaa9308ae068f8fe1a5 Mon Sep 17 00:00:00 2001 From: Jose Gonzalez Date: Thu, 22 Oct 2020 17:01:10 +0200 Subject: [PATCH 1/2] Solved issue --- .../include/class/AgentWizard.class.php | 23 ++++++++++++------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/pandora_console/include/class/AgentWizard.class.php b/pandora_console/include/class/AgentWizard.class.php index 9efc2a872a..15e28312e0 100644 --- a/pandora_console/include/class/AgentWizard.class.php +++ b/pandora_console/include/class/AgentWizard.class.php @@ -3002,7 +3002,7 @@ class AgentWizard extends HTML $newModule = $module; // Split the values got to obtain the name. $tmpFirst = explode('.', $value); - $tmpSecond = explode(' ', $tmpFirst[1]); + $tmpSecond = explode(' ', $tmpFirst[(count($tmpFirst) - 1)]); // Position 0 is the index, Position 3 is the MIB name. $snmpwalkNames[$tmpSecond[0]] = $tmpSecond[3]; // Perform the operations for get the values. @@ -3011,6 +3011,11 @@ class AgentWizard extends HTML $currentOid = $oid.'.'.$tmpSecond[0]; $macros['macros'][$oidName] = $currentOid; $currentOidValue = $this->snmpgetValue($currentOid); + // If for any reason the value comes empty, add 1. + if ($currentOidValue == '') { + $currentOidValue = 1; + } + $thisOperation = preg_replace( '/'.$oidName.'/', $currentOidValue, @@ -4739,11 +4744,11 @@ class AgentWizard extends HTML string $unit='', ?int $type=0 ) { - // Avoid non-numeric or arithmetic chars for security reasons. - if (preg_match('/(([^0-9\s\+\-\*\/\(\).,])+)/', $operation) === 1) { - $output = 'ERROR'; - } else { - try { + try { + // Avoid non-numeric or arithmetic chars for security reasons. + if (preg_match('/(([^0-9\s\+\-\*\/\(\).,])+)/', $operation) === 1) { + throw new Exception(sprintf(__("The operation '%s' is not permitted. Review for remote components."), $operation)); + } else { // Get the result of the operation and set it. $output = ''; eval('$output = '.$operation.';'); @@ -4753,9 +4758,11 @@ class AgentWizard extends HTML $unit, $type ); - } catch (Exception $e) { - $output = 'ERROR'; } + } catch (Exception $e) { + $this->message['type'][] = 'error'; + $this->message['message'][] = $e->getMessage(); + $this->showMessage(); } return $output; From a8c54dadee7377259c0dca7c14a12038ae6de0b8 Mon Sep 17 00:00:00 2001 From: Jose Gonzalez Date: Thu, 22 Oct 2020 17:03:31 +0200 Subject: [PATCH 2/2] Fixed some errors --- pandora_console/include/class/AgentWizard.class.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pandora_console/include/class/AgentWizard.class.php b/pandora_console/include/class/AgentWizard.class.php index 15e28312e0..5ac7c9fa02 100644 --- a/pandora_console/include/class/AgentWizard.class.php +++ b/pandora_console/include/class/AgentWizard.class.php @@ -4571,7 +4571,7 @@ class AgentWizard extends HTML // Definition object. $definition = []; - // ifHCInOctets. + // IfHCInOctets. $moduleName = $name.'ifHCInOctets'; $definition['ifHCInOctets'] = [ 'module_name' => $moduleName, @@ -4597,7 +4597,7 @@ class AgentWizard extends HTML ], ]; - // ifHCOutOctets. + // IfHCOutOctets. $moduleName = $name.'ifHCOutOctets'; $definition['ifHCOutOctets'] = [ 'module_name' => $moduleName, @@ -4623,7 +4623,7 @@ class AgentWizard extends HTML ], ]; - // ifHCInUcastPkts. + // IfHCInUcastPkts. $moduleName = $name.'ifHCInUcastPkts'; $definition['ifHCInUcastPkts'] = [ 'module_name' => $moduleName, @@ -4649,7 +4649,7 @@ class AgentWizard extends HTML ], ]; - // ifHCOutUcastPkts. + // IfHCOutUcastPkts. $moduleName = $name.'ifHCOutUcastPkts'; $definition['ifHCOutUcastPkts'] = [ 'module_name' => $moduleName, @@ -4674,7 +4674,7 @@ class AgentWizard extends HTML 'inv_critical' => false, ], ]; - // ifHCInNUcastPkts. + // IfHCInNUcastPkts. $moduleName = $name.'ifHCInNUcastPkts'; $definition['ifHCInNUcastPkts'] = [ 'module_name' => $moduleName, @@ -4738,6 +4738,7 @@ class AgentWizard extends HTML * @param integer|null $type Module type. * * @return string + * @throws Exception Handle of unwanted operations. */ private function evalOperation( string $operation,