tyler.durden
/
pi-hole
mirror of https://github.com/pi-hole/pi-hole.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request from GHSA-3597-244c-wrpj 

Add some validation to passed arguments before running the values through `sed`
This commit is contained in:
Adam Warner 2021-04-14 18:16:46 +01:00 committed by GitHub
parent 7855859726 45d4ab4c22
commit b388ac5bb5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
advanced/Scripts/webpage.sh
View File

@ -564,7 +564,13 @@ AddDHCPStaticAddress() {
RemoveDHCPStaticAddress() { RemoveDHCPStaticAddress() {
mac="${args[2]}" mac="${args[2]}"
sed -i "/dhcp-host=${mac}.*/d" "${dhcpstaticconfig}" if [[ "$mac" =~ ^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$ ]]; then
sed -i "/dhcp-host=${mac}.*/d" "${dhcpstaticconfig}"
else
echo " ${CROSS} Invalid Mac Passed!"
exit 1
fi
} }
SetAdminEmail() { SetAdminEmail() {
@ -708,7 +714,13 @@ RemoveCustomDNSAddress() {
ip="${args[2]}" ip="${args[2]}"
host="${args[3]}" host="${args[3]}"
sed -i "/${ip} ${host}/d" "${dnscustomfile}"
if valid_ip "${ip}" || valid_ip6 "${ip}" ; then
sed -i "/${ip} ${host}/d" "${dnscustomfile}"
else
echo -e " ${CROSS} Invalid IP has been passed"
exit 1
fi
# Restart dnsmasq to update removed custom DNS entries # Restart dnsmasq to update removed custom DNS entries
RestartDNS RestartDNS
@ -719,6 +731,7 @@ AddCustomCNAMERecord() {
domain="${args[2]}" domain="${args[2]}"
target="${args[3]}" target="${args[3]}"
echo "cname=${domain},${target}" >> "${dnscustomcnamefile}" echo "cname=${domain},${target}" >> "${dnscustomcnamefile}"
# Restart dnsmasq to load new custom CNAME records # Restart dnsmasq to load new custom CNAME records
@ -730,7 +743,20 @@ RemoveCustomCNAMERecord() {
domain="${args[2]}" domain="${args[2]}"
target="${args[3]}" target="${args[3]}"
sed -i "/cname=${domain},${target}/d" "${dnscustomcnamefile}"
validDomain="$(checkDomain "${domain}")"
if [[ -n "${validDomain}" ]]; then
validTarget="$(checkDomain "${target}")"
if [[ -n "${validDomain}" ]]; then
sed -i "/cname=${validDomain},${validTarget}/d" "${dnscustomcnamefile}"
else
echo " ${CROSS} Invalid Target Passed!"
exit 1
fi
else
echo " ${CROSS} Invalid Domain passed!"
exit 1
fi
# Restart dnsmasq to update removed custom CNAME records # Restart dnsmasq to update removed custom CNAME records
RestartDNS RestartDNS