[Pkg-nagios-changes] [pkg-nagios] r1663 - in nagios3/trunk/debian: . patches
Alexander Wirt
formorer at alioth.debian.org
Mon Jun 29 11:57:15 UTC 2009
Author: formorer
Date: 2009-06-29 11:57:12 +0000 (Mon, 29 Jun 2009)
New Revision: 1663
Added:
nagios3/trunk/debian/patches/95_security_statuswml_SA35543.dpatch
Modified:
nagios3/trunk/debian/changelog
nagios3/trunk/debian/patches/00list
Log:
Add patch for SA35543
Modified: nagios3/trunk/debian/changelog
===================================================================
--- nagios3/trunk/debian/changelog 2009-06-22 15:15:15 UTC (rev 1662)
+++ nagios3/trunk/debian/changelog 2009-06-29 11:57:12 UTC (rev 1663)
@@ -1,3 +1,10 @@
+nagios3 (3.0.6-5) unstable; urgency=low
+
+ * Fix Command Injection Vulnerability in statuswml.cgi.
+ This applies for SA35543.
+
+ -- Alexander Wirt <formorer at debian.org> Mon, 29 Jun 2009 13:55:45 +0200
+
nagios3 (3.0.6-4) unstable; urgency=low
* Fix syntax error in nagios3-common.prerm
Modified: nagios3/trunk/debian/patches/00list
===================================================================
--- nagios3/trunk/debian/patches/00list 2009-06-22 15:15:15 UTC (rev 1662)
+++ nagios3/trunk/debian/patches/00list 2009-06-29 11:57:12 UTC (rev 1663)
@@ -7,3 +7,4 @@
70_fix_eventhandler_paths.dpatch
80_fix_encoding_trends.cgi.dpatch
90_fix_forced_servicechecks.dpatch
+95_security_statuswml_SA35543.dpatch
Added: nagios3/trunk/debian/patches/95_security_statuswml_SA35543.dpatch
===================================================================
--- nagios3/trunk/debian/patches/95_security_statuswml_SA35543.dpatch (rev 0)
+++ nagios3/trunk/debian/patches/95_security_statuswml_SA35543.dpatch 2009-06-29 11:57:12 UTC (rev 1663)
@@ -0,0 +1,59 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 95_security_statuswml_SA35543.dpatch by Alexander Wirt <formorer at debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+ at DPATCH@
+diff -urNad nagios3-3.0.6~/cgi/statuswml.c nagios3-3.0.6/cgi/statuswml.c
+--- nagios3-3.0.6~/cgi/statuswml.c 2008-11-30 19:13:11.000000000 +0100
++++ nagios3-3.0.6/cgi/statuswml.c 2009-06-29 13:54:28.000000000 +0200
+@@ -67,6 +67,8 @@
+ void document_header(void);
+ void document_footer(void);
+ int process_cgivars(void);
++int validate_arguments(void);
++int is_valid_hostip(char *hostip);
+
+ int display_type=DISPLAY_INDEX;
+ int hostgroup_style=DISPLAY_HOSTGROUP_SUMMARY;
+@@ -108,6 +110,13 @@
+
+ document_header();
+
++ /* validate arguments in URL */
++ result=validate_arguments();
++ if(result==ERROR){
++ document_footer();
++ return ERROR;
++ }
++
+ /* read the CGI configuration file */
+ result=read_cgi_config_file(get_cgi_config_location());
+ if(result==ERROR){
+@@ -334,7 +343,25 @@
+ return error;
+ }
+
++int validate_arguments(void){
++ int result=OK;
++ if((strcmp(ping_address,"")) && !is_valid_hostip(ping_address)) {
++ printf("<p>Invalid host name/ip</p>\n");
++ result=ERROR;
++ }
++ if(strcmp(traceroute_address,"") && !is_valid_hostip(traceroute_address)){
++ printf("<p>Invalid host name/ip</p>\n");
++ result=ERROR;
++ }
++ return result;
++ }
+
++int is_valid_hostip(char *hostip) {
++ char *valid_domain_chars="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-";
++ if(strcmp(hostip,"") && strlen(hostip)==strspn(hostip,valid_domain_chars) && hostip[0] != '-' && hostip[strlen(hostip)-1] != '-')
++ return TRUE;
++ return FALSE;
++ }
+
+ /* main intro screen */
+ void display_index(void){
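Review bot: The `## DP: No description.` header leaves this security patch undescribed, and `is_valid_hostip()` has no comment saying that its character allow-list and the leading/trailing `-` checks are the guard against the command injection named in the changelog. I would set the header to `## DP: Validate ping/traceroute addresses in statuswml.cgi (SA35543)` and put `/* allow-list: only [A-Za-z0-9.-], no leading or trailing '-', so the value cannot carry shell metacharacters or be read as an option */` above the function. The code that consumes `ping_address` and `traceroute_address` lies outside this hunk, so it is worth confirming that nothing fills those variables after `validate_arguments()` has run. `hostip` and `valid_domain_chars` could also be declared `const char *`, since neither is written through.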
Property changes on: nagios3/trunk/debian/patches/95_security_statuswml_SA35543.dpatch
___________________________________________________________________
Added: svn:executable
+ *