diff options
| author | jim-p <jimp@pfsense.org> | 2015-03-31 09:26:04 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2015-03-31 09:26:04 -0400 |
| commit | 05a463843a9dbb4901974f22fb361873adcaae4b (patch) | |
| tree | d757d264f41abc43cdd2e7b9bbbf28d3c835f1f0 | |
| parent | 807cdae39e9e5d836f40d9b1a828bd3d71a9013c (diff) | |
| download | pfsense-05a463843a9dbb4901974f22fb361873adcaae4b.zip pfsense-05a463843a9dbb4901974f22fb361873adcaae4b.tar.gz | |
Fix a few misc encoding issues in load balancer code.
| -rw-r--r-- | usr/local/www/classes/maintable.inc | 9 | ||||
| -rw-r--r-- | usr/local/www/load_balancer_monitor_edit.php | 7 | ||||
| -rw-r--r-- | usr/local/www/load_balancer_pool.php | 2 | ||||
| -rw-r--r-- | usr/local/www/load_balancer_pool_edit.php | 11 | ||||
| -rw-r--r-- | usr/local/www/load_balancer_virtual_server.php | 4 | ||||
| -rw-r--r-- | usr/local/www/load_balancer_virtual_server_edit.php | 3 |
6 files changed, 26 insertions, 10 deletions
diff --git a/usr/local/www/classes/maintable.inc b/usr/local/www/classes/maintable.inc index 6d3cfa9..49d614e 100644 --- a/usr/local/www/classes/maintable.inc +++ b/usr/local/www/classes/maintable.inc @@ -107,6 +107,7 @@ class MainTable { private function display_rows() { global $g; $cur_row = 0; + $encode_cols = array("name", "descr"); foreach ($this->content as $row) { echo "<tr>\n"; for ($col = 0; $col < $this->columns - 1; $col++) { @@ -118,15 +119,21 @@ class MainTable { echo " <td class=\"{$cl}\" onclick=\"fr_toggle({$cur_row})\" id=\"frd{$cur_row}\" ondblclick=\"document.location='{$this->edit_uri}?id={$cur_row}'\">\n"; if (is_array($row[$this->cname[$col]])) { foreach ($row[$this->cname[$col]] as $data) { + if (in_array($this->cname[$col], $encode_cols)) { + $data = htmlspecialchars($data); + } echo " {$data}<br />\n"; } } else { + if (in_array($this->cname[$col], $encode_cols)) { + $row[$this->cname[$col]] = htmlspecialchars($row[$this->cname[$col]]); + } echo " " . $row[$this->cname[$col]] . "\n"; } echo " </td>\n"; } echo " <td class=\"listbg\" onclick=\"fr_toggle({$cur_row})\" id=\"frd{$cur_row}\" ondblclick=\"document.location='{$this->edit_uri}?id={$cur_row}'\">\n"; - echo " <font color=\"#FFFFFF\">{$row[$this->cname[$this->columns - 1]]}</font>\n"; + echo " <font color=\"#FFFFFF\">" . htmlspecialchars($row[$this->cname[$this->columns - 1]]) . "</font>\n"; echo " </td>\n"; echo " <td class=\"list nowrap\">\n"; $this->display_buttons($cur_row); diff --git a/usr/local/www/load_balancer_monitor_edit.php b/usr/local/www/load_balancer_monitor_edit.php index 1f30a4f..280244b 100644 --- a/usr/local/www/load_balancer_monitor_edit.php +++ b/usr/local/www/load_balancer_monitor_edit.php @@ -97,8 +97,11 @@ if ($_POST) { if (($_POST['name'] == $config['load_balancer']['monitor_type'][$i]['name']) && ($i != $id)) $input_errors[] = gettext("This monitor name has already been used. Monitor names must be unique."); - if (strpos($_POST['name'], " ") !== false) - $input_errors[] = gettext("You cannot use spaces in the 'name' field."); + if (preg_match('/[ \/]/', $_POST['name'])) + $input_errors[] = gettext("You cannot use spaces or slashes in the 'name' field."); + + if (strlen($_POST['name']) > 16) + $input_errors[] = gettext("The 'name' field must be 16 characters or less."); switch($_POST['type']) { case 'icmp': { diff --git a/usr/local/www/load_balancer_pool.php b/usr/local/www/load_balancer_pool.php index a52cc9a..46e4e1c 100644 --- a/usr/local/www/load_balancer_pool.php +++ b/usr/local/www/load_balancer_pool.php @@ -92,7 +92,7 @@ for ($i = 0; isset($config['load_balancer']['monitor_type'][$i]); $i++) { $mondex[$config['load_balancer']['monitor_type'][$i]['name']] = $i; } for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) { - $a_pool[$i]['monitor'] = "<a href=\"/load_balancer_monitor_edit.php?id={$mondex[$a_pool[$i]['monitor']]}\">{$a_pool[$i]['monitor']}</a>"; + $a_pool[$i]['monitor'] = "<a href=\"/load_balancer_monitor_edit.php?id={$mondex[$a_pool[$i]['monitor']]}\">" . htmlspecialchars($a_pool[$i]['monitor']) . "</a>"; } $pgtitle = array(gettext("Services"), gettext("Load Balancer"),gettext("Pool")); diff --git a/usr/local/www/load_balancer_pool_edit.php b/usr/local/www/load_balancer_pool_edit.php index f3b0dca..4eaa6f0 100644 --- a/usr/local/www/load_balancer_pool_edit.php +++ b/usr/local/www/load_balancer_pool_edit.php @@ -87,8 +87,11 @@ if ($_POST) { if (($_POST['name'] == $config['load_balancer']['lbpool'][$i]['name']) && ($i != $id)) $input_errors[] = gettext("This pool name has already been used. Pool names must be unique."); - if (strpos($_POST['name'], " ") !== false) - $input_errors[] = gettext("You cannot use spaces in the 'name' field."); + if (preg_match('/[ \/]/', $_POST['name'])) + $input_errors[] = gettext("You cannot use spaces or slashes in the 'name' field."); + + if (strlen($_POST['name']) > 16) + $input_errors[] = gettext("The 'name' field must be 16 characters or less."); if (in_array($_POST['name'], $reserved_table_names)) $input_errors[] = sprintf(gettext("The name '%s' is a reserved word and cannot be used."), $_POST['name']); @@ -200,7 +203,7 @@ function clearcombo(){ <tr align="left"> <td width="22%" valign="top" class="vncellreq"><?=gettext("Name"); ?></td> <td width="78%" class="vtable" colspan="2"> - <input name="name" type="text" <?if(isset($pconfig['name'])) echo "value=\"{$pconfig['name']}\"";?> size="16" maxlength="16" /> + <input name="name" type="text" <?if(isset($pconfig['name'])) echo "value=\"" . htmlspecialchars($pconfig['name']) . "\"";?> size="16" maxlength="16" /> </td> </tr> <tr align="left"> @@ -215,7 +218,7 @@ function clearcombo(){ <tr align="left"> <td width="22%" valign="top" class="vncell"><?=gettext("Description"); ?></td> <td width="78%" class="vtable" colspan="2"> - <input name="descr" type="text" <?if(isset($pconfig['descr'])) echo "value=\"{$pconfig['descr']}\"";?> size="64" /> + <input name="descr" type="text" <?if(isset($pconfig['descr'])) echo "value=\"" . htmlspecialchars($pconfig['descr']) . "\"";?> size="64" /> </td> </tr> diff --git a/usr/local/www/load_balancer_virtual_server.php b/usr/local/www/load_balancer_virtual_server.php index aa5e074..04a4d7b 100644 --- a/usr/local/www/load_balancer_virtual_server.php +++ b/usr/local/www/load_balancer_virtual_server.php @@ -87,9 +87,9 @@ for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) { } for ($i = 0; isset($config['load_balancer']['virtual_server'][$i]); $i++) { if($a_vs[$i]) { - $a_vs[$i]['poolname'] = "<a href=\"/load_balancer_pool_edit.php?id={$poodex[$a_vs[$i]['poolname']]}\">{$a_vs[$i]['poolname']}</a>"; + $a_vs[$i]['poolname'] = "<a href=\"/load_balancer_pool_edit.php?id={$poodex[$a_vs[$i]['poolname']]}\">" . htmlspecialchars($a_vs[$i]['poolname']) . "</a>"; if ($a_vs[$i]['sitedown'] != '') { - $a_vs[$i]['sitedown'] = "<a href=\"/load_balancer_pool_edit.php?id={$poodex[$a_vs[$i]['sitedown']]}\">{$a_vs[$i]['sitedown']}</a>"; + $a_vs[$i]['sitedown'] = "<a href=\"/load_balancer_pool_edit.php?id={$poodex[$a_vs[$i]['sitedown']]}\">" . htmlspecialchars($a_vs[$i]['sitedown']) . "</a>"; } else { $a_vs[$i]['sitedown'] = 'none'; } diff --git a/usr/local/www/load_balancer_virtual_server_edit.php b/usr/local/www/load_balancer_virtual_server_edit.php index 98303a0..102b520 100644 --- a/usr/local/www/load_balancer_virtual_server_edit.php +++ b/usr/local/www/load_balancer_virtual_server_edit.php @@ -92,6 +92,9 @@ if ($_POST) { if (preg_match('/[ \/]/', $_POST['name'])) $input_errors[] = gettext("You cannot use spaces or slashes in the 'name' field."); + if (strlen($_POST['name']) > 32) + $input_errors[] = gettext("The 'name' field must be 32 characters or less."); + if ($_POST['port'] != "" && !is_portoralias($_POST['port'])) $input_errors[] = gettext("The port must be an integer between 1 and 65535, a port alias, or left blank."); |
