[icinga-checkins] icinga.org: icinga-core/mfriedrich/core: classic ui: fix cross site scripting vulnerability in config. cgi on config expander arguments #1605

git at icinga.org git at icinga.org
Sat Jun 4 13:03:34 CEST 2011


Module: icinga-core
Branch: mfriedrich/core
Commit: cbe9993f0796fe80ec57ef2e5bcfbca5d8108e9c
URL:    https://git.icinga.org/?p=icinga-core.git;a=commit;h=cbe9993f0796fe80ec57ef2e5bcfbca5d8108e9c

Author: Michael Friedrich <michael.friedrich at univie.ac.at>
Date:   Wed Jun  1 17:46:42 2011 +0200

classic ui: fix cross site scripting vulnerability in config.cgi on config expander arguments #1605

thanks Stefan, the proposed fix attempts to fix it globally
on the config.cgi command expander

fixes #1605

---

 Changelog    |   10 +++++++++-
 THANKS       |    1 +
 cgi/config.c |    2 +-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/Changelog b/Changelog
index c44f684..b51e15a 100644
--- a/Changelog
+++ b/Changelog
@@ -1,7 +1,15 @@
 #######################
-Icinga 1.4.x Change Log
+Icinga 1.5.x Change Log
 #######################
 
+1.5.0 - ??/08/2011
+
+ENHANCEMENTS
+
+FIXES
+* classic ui: fix cross site scripting vulnerability in config.cgi on config expander arguments #1605
+
+
 1.4.0 - 11/05/2011
 
 ENHANCEMENTS
diff --git a/THANKS b/THANKS
index 122c5c1..003edab 100644
--- a/THANKS
+++ b/THANKS
@@ -284,6 +284,7 @@ in various ways.  If we missed your name, let us know.
 * Lou Sneddon
 * Mark Spieth
 * Stig Sandbeck
+* Stefan Schurtz
 * Tim Starling
 * Thomas Stolle
 * Kevin Stone
diff --git a/cgi/config.c b/cgi/config.c
index e6939a0..28f277e 100644
--- a/cgi/config.c
+++ b/cgi/config.c
@@ -429,7 +429,7 @@ int process_cgivars(void){
 				error=TRUE;
 				break;
 			}
-			strncpy(to_expand,variables[x],MAX_COMMAND_BUFFER);
+			strncpy(to_expand,escape_string(variables[x]),MAX_COMMAND_BUFFER);
 			to_expand[MAX_COMMAND_BUFFER-1]='\0';
 		}
 





More information about the icinga-checkins mailing list