tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-04-08 18:55:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

#13716 fixed vul in netflow

Browse Source
This commit is contained in:
Daniel Cebrian 2024-05-13 11:34:59 +02:00
parent 2dd3e30601
commit b56cdc743e
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pandora_console/include/functions_netflow.php
View File

@ -804,8 +804,9 @@ function netflow_get_stats(
return json_decode($data, true);
}
$aggregate = escapeshellarg($aggregate.'/bytes');
// Get the command to call nfdump.
$options = "-o csv -q -n $max -s $aggregate/bytes -t ".date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date);
$options = "-o csv -q -n $max -s $aggregate -t ".date($nfdump_date_format, $start_date).'-'.date($nfdump_date_format, $end_date);
$command = netflow_get_command($options, $filter, $start_date_fixed, $end_date_fixed);
// Execute nfdump.
exec($command, $string);
@ -1147,6 +1148,7 @@ function netflow_get_command($options, $filter, $date_init=0, $date_end=0)
// Filter options.
$command .= ' '.netflow_get_filter_arguments($filter);
return $command;
}
@ -2186,9 +2188,9 @@ function netflow_get_top_data(
// Get the command to call nfdump.
$options = sprintf(
'-q -o csv -n %s -s %s/bytes -t %s-%s',
'-q -o csv -n %s -s %s -t %s-%s',
$max,
$aggregate,
escapeshellarg($aggregate.'/bytes'),
date($nfdump_date_format, $start_date),
date($nfdump_date_format, $end_date)
);