diff options
| author | Renato Botelho <garga@FreeBSD.org> | 2014-02-03 14:55:01 -0200 |
|---|---|---|
| committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:34:41 -0200 |
| commit | 873c1701a8934ac9a10284fe794eb86db1cead68 (patch) | |
| tree | f33e957b3983ada067702e87540caa3b273ea7e2 | |
| parent | 4f188f54abf44ebe82c317ceee7555c7bd00e7ba (diff) | |
| download | pfsense-873c1701a8934ac9a10284fe794eb86db1cead68.zip pfsense-873c1701a8934ac9a10284fe794eb86db1cead68.tar.gz | |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
| -rwxr-xr-x | etc/ecl.php | 6 | ||||
| -rw-r--r-- | etc/inc/filter_log.inc | 8 | ||||
| -rw-r--r-- | etc/inc/interfaces.inc | 74 | ||||
| -rw-r--r-- | etc/inc/ipsec.attributes.php | 2 | ||||
| -rw-r--r-- | etc/inc/openvpn.attributes.php | 2 | ||||
| -rw-r--r-- | etc/inc/openvpn.inc | 14 | ||||
| -rw-r--r-- | etc/inc/pfsense-utils.inc | 22 | ||||
| -rw-r--r-- | etc/inc/pkg-utils.inc | 14 | ||||
| -rw-r--r-- | etc/inc/rrd.inc | 4 | ||||
| -rw-r--r-- | etc/inc/service-utils.inc | 2 | ||||
| -rw-r--r-- | etc/inc/shaper.inc | 2 | ||||
| -rw-r--r-- | etc/inc/system.inc | 7 | ||||
| -rw-r--r-- | etc/inc/upgrade_config.inc | 6 | ||||
| -rw-r--r-- | etc/inc/util.inc | 12 |
14 files changed, 87 insertions, 88 deletions
diff --git a/etc/ecl.php b/etc/ecl.php index c8eae9c..0fd0e74 100755 --- a/etc/ecl.php +++ b/etc/ecl.php @@ -50,7 +50,7 @@ function get_swap_disks() { function get_disk_slices($disk) { global $g, $debug; $slices_array = array(); - $slices = trim(exec("/bin/ls /dev/{$disk}s* 2>/dev/null")); + $slices = trim(exec("/bin/ls " . escapeshellarg("/dev/" . $disk . "s*") . " 2>/dev/null")); $slices = str_replace("/dev/", "", $slices); if($slices == "ls: No match.") return; @@ -61,7 +61,7 @@ function get_disk_slices($disk) { function get_disks() { global $g, $debug; $disks_array = array(); - $disks = exec("/sbin/sysctl kern.disks | cut -d':' -f2"); + $disks = exec("/sbin/sysctl -n kern.disks"); $disks_s = explode(" ", $disks); foreach($disks_s as $disk) if(trim($disk)) @@ -91,7 +91,7 @@ function test_config($file_location) { return; // config.xml was found. ensure it is sound. $root_obj = trim("<{$g['xml_rootobj']}>"); - $xml_file_head = exec("/usr/bin/head -2 {$file_location} | /usr/bin/tail -n1"); + $xml_file_head = exec("/usr/bin/head -2 " . escapeshellarg($file_location) . " | /usr/bin/tail -n1"); if($debug) { echo "\nroot obj = $root_obj"; echo "\nfile head = $xml_file_head"; diff --git a/etc/inc/filter_log.inc b/etc/inc/filter_log.inc index 71e5495..c83c1e7 100644 --- a/etc/inc/filter_log.inc +++ b/etc/inc/filter_log.inc @@ -55,9 +55,9 @@ function conv_log_filter($logfile, $nentries, $tail = 50, $filtertext = "", $fil $logarr = ""; if(isset($config['system']['usefifolog'])) - exec("/usr/sbin/fifolog_reader {$logfile} | /usr/bin/tail -r -n {$tail}", $logarr); + exec("/usr/sbin/fifolog_reader " . escapeshellarg($logfile) . " | /usr/bin/tail -r -n {$tail}", $logarr); else - exec("/usr/sbin/clog {$logfile} | grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail -r -n {$tail}", $logarr); + exec("/usr/sbin/clog " . escapeshellarg($logfile) . " | grep -v \"CLOG\" | grep -v \"\033\" | /usr/bin/tail -r -n {$tail}", $logarr); $filterlog = array(); $counter = 0; @@ -268,9 +268,9 @@ function find_rule_by_number($rulenum, $type="rules") { $_gb = exec("/sbin/pfctl -vvPsn -a \"miniupnpd\" | grep '^@'", $buffer); else { if (file_exists("{$g['tmp_path']}/rules.debug")) - $_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@{$rulenum} {$type}'", $buffer); + $_gb = exec("/sbin/pfctl -vvPnf {$g['tmp_path']}/rules.debug 2>/dev/null | /usr/bin/egrep '^@" . escapeshellarg($rulenum) . " " . escapeshellarg($type) . "'", $buffer); else - $_gb = exec("/sbin/pfctl -vvPsr | grep '^@{$rulenum}'", $buffer); + $_gb = exec("/sbin/pfctl -vvPsr | grep '^@" . escapeshellarg($rulenum) . "'", $buffer); } if (is_array($buffer)) return $buffer[0]; diff --git a/etc/inc/interfaces.inc b/etc/inc/interfaces.inc index 265ff44..2e4a8d5 100644 --- a/etc/inc/interfaces.inc +++ b/etc/inc/interfaces.inc @@ -612,9 +612,9 @@ function interface_bridge_configure(&$bridge, $checkmember = 0) { } if ($bridge['maxaddr'] <> "") - mwexec("/sbin/ifconfig {$bridgeif} maxaddr {$bridge['maxaddr']}"); + mwexec("/sbin/ifconfig {$bridgeif} maxaddr " . escapeshellarg($bridge['maxaddr'])); if ($bridge['timeout'] <> "") - mwexec("/sbin/ifconfig {$bridgeif} timeout {$bridge['timeout']}"); + mwexec("/sbin/ifconfig {$bridgeif} timeout " . escapeshellarg($bridge['timeout'])); if ($bridge['span'] <> "") { $realif = get_real_interface($bridge['span']); mwexec("/sbin/ifconfig {$bridgeif} span {$realif}"); @@ -808,7 +808,7 @@ function interface_lagg_configure(&$lagg) { mwexec("/sbin/ifconfig {$laggif} laggport {$member}"); } - mwexec("/sbin/ifconfig {$laggif} laggproto {$lagg['proto']}"); + mwexec("/sbin/ifconfig {$laggif} laggproto " . escapeshellarg($lagg['proto'])); interfaces_bring_up($laggif); @@ -864,11 +864,11 @@ function interface_gre_configure(&$gre, $grekey = "") { $greif = pfSense_interface_create("gre"); /* Do not change the order here for more see gre(4) NOTES section. */ - mwexec("/sbin/ifconfig {$greif} tunnel {$realifip} {$gre['remote-addr']}"); + mwexec("/sbin/ifconfig {$greif} tunnel {$realifip} " . escapeshellarg($gre['remote-addr'])); if((is_ipaddrv6($gre['tunnel-local-addr'])) || (is_ipaddrv6($gre['tunnel-remote-addr']))) { - mwexec("/sbin/ifconfig {$greif} inet6 {$gre['tunnel-local-addr']} {$gre['tunnel-remote-addr']} prefixlen /{$gre['tunnel-remote-net']} "); + mwexec("/sbin/ifconfig {$greif} inet6 " . escapeshellarg($gre['tunnel-local-addr']) . " " . escapeshellarg($gre['tunnel-remote-addr']) . " prefixlen /" . escapeshellarg($gre['tunnel-remote-net'])); } else { - mwexec("/sbin/ifconfig {$greif} {$gre['tunnel-local-addr']} {$gre['tunnel-remote-addr']} netmask " . gen_subnet_mask($gre['tunnel-remote-net'])); + mwexec("/sbin/ifconfig {$greif} " . escapeshellarg($gre['tunnel-local-addr']) . " " . escapeshellarg($gre['tunnel-remote-addr']) . " netmask " . gen_subnet_mask($gre['tunnel-remote-net'])); } if (isset($gre['link0'])) pfSense_interface_flags($greif, IFF_LINK0); @@ -883,7 +883,7 @@ function interface_gre_configure(&$gre, $grekey = "") { log_error(gettext("Could not bring greif up -- variable not defined.")); if (isset($gre['link1']) && $gre['link1']) - mwexec("/sbin/route add {$gre['tunnel-remote-addr']}/{$gre['tunnel-remote-net']} {$gre['tunnel-local-addr']}"); + mwexec("/sbin/route add " . escapeshellarg($gre['tunnel-remote-addr']) . "/" . escapeshellarg($gre['tunnel-remote-net']) . " " . escapeshellarg($gre['tunnel-local-addr'])); if(is_ipaddrv4($gre['tunnel-remote-addr'])) file_put_contents("{$g['tmp_path']}/{$greif}_router", $gre['tunnel-remote-addr']); if(is_ipaddrv6($gre['tunnel-remote-addr'])) @@ -957,11 +957,11 @@ function interface_gif_configure(&$gif, $gifkey = "") { $gifif = pfSense_interface_create("gif"); /* Do not change the order here for more see gif(4) NOTES section. */ - mwexec("/sbin/ifconfig {$gifif} tunnel {$realifip} {$gif['remote-addr']}"); + mwexec("/sbin/ifconfig {$gifif} tunnel {$realifip} " . escapeshellarg($gif['remote-addr'])); if((is_ipaddrv6($gif['tunnel-local-addr'])) || (is_ipaddrv6($gif['tunnel-remote-addr']))) { - mwexec("/sbin/ifconfig {$gifif} inet6 {$gif['tunnel-local-addr']} {$gif['tunnel-remote-addr']} prefixlen /{$gif['tunnel-remote-net']} "); + mwexec("/sbin/ifconfig {$gifif} inet6 " . escapeshellarg($gif['tunnel-local-addr']) . " " . escapeshellarg($gif['tunnel-remote-addr']) . " prefixlen /" . escapeshellarg($gif['tunnel-remote-net'])); } else { - mwexec("/sbin/ifconfig {$gifif} {$gif['tunnel-local-addr']} {$gif['tunnel-remote-addr']} netmask " . gen_subnet_mask($gif['tunnel-remote-net'])); + mwexec("/sbin/ifconfig {$gifif} " . escapeshellarg($gif['tunnel-local-addr']) . " " . escapeshellarg($gif['tunnel-remote-addr']) . " netmask " . gen_subnet_mask($gif['tunnel-remote-net'])); } if (isset($gif['link0'])) pfSense_interface_flags($gifif, IFF_LINK0); @@ -993,10 +993,10 @@ function interface_gif_configure(&$gif, $gifkey = "") { file_put_contents("{$g['tmp_path']}/{$gifif}_routerv6", $gif['tunnel-remote-addr']); if (is_ipaddrv4($realifgw)) { - mwexec("/sbin/route change -host {$gif['remote-addr']} {$realifgw}"); + mwexec("/sbin/route change -host " . escapeshellarg($gif['remote-addr']) . " {$realifgw}"); } if (is_ipaddrv6($realifgw)) { - mwexec("/sbin/route change -host -inet6 {$gif['remote-addr']} {$realifgw}"); + mwexec("/sbin/route change -host -inet6 " . escapeshellarg($gif['remote-addr']) . " {$realifgw}"); } return $gifif; @@ -1157,7 +1157,7 @@ function interface_vip_bring_down($vip) { case "ipalias": if (does_interface_exist($vipif)) { if (is_ipaddrv6($vip['subnet'])) - mwexec("/sbin/ifconfig {$vipif} inet6 {$vip['subnet']} -alias"); + mwexec("/sbin/ifconfig {$vipif} inet6 " . escapeshellarg($vip['subnet']) . " -alias"); else pfSense_interface_deladdress($vipif, $vip['subnet']); } @@ -1240,7 +1240,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true); if ($destroy == true) pfSense_interface_flags($realif, -IFF_UP); - mwexec("/usr/sbin/arp -d -i {$realif} -a"); + mwexec("/usr/sbin/arp -d -i " . escapeshellarg($realif) . " -a"); } break; default: @@ -1248,7 +1248,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " delete", true); if ($destroy == true) pfSense_interface_flags($realif, -IFF_UP); - mwexec("/usr/sbin/arp -d -i {$realif} -a"); + mwexec("/usr/sbin/arp -d -i " . escapeshellarg($realif) . " -a"); } break; } @@ -1267,7 +1267,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = mwexec("/sbin/ifconfig " . escapeshellarg($realifv6) . " inet6 {$ip6} delete", true); if ($destroy == true) pfSense_interface_flags($realif, -IFF_UP); - mwexec("/usr/sbin/arp -d -i {$realif} -a"); + mwexec("/usr/sbin/arp -d -i " . escapeshellarg($realif) . " -a"); } break; case "6rd": @@ -1290,7 +1290,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " inet6 {$ifcfg['ipaddrv6']} delete", true); if ($destroy == true) pfSense_interface_flags($realif, -IFF_UP); - mwexec("/usr/sbin/arp -d -i {$realif} -a"); + mwexec("/usr/sbin/arp -d -i " . escapeshellarg($realif) . " -a"); } break; } @@ -1300,7 +1300,7 @@ function interface_bring_down($interface = "wan", $destroy = false, $ifacecfg = // log_error("Checking for old router states: {$g['tmp_path']}/{$realif}_router = {$old_router}"); if (!empty($old_router)) { log_error("Clearing states to old gateway {$old_router}."); - mwexec("/sbin/pfctl -i {$realif} -Fs -G {$old_router}"); + mwexec("/sbin/pfctl -i " . escapeshellarg($realif) . " -Fs -G {$old_router}"); } /* remove interface up file if it exists */ @@ -1455,12 +1455,11 @@ function interface_ppps_configure($interface) { // mpd5 requires a /var/spool/lock directory for PPP modem links. if(!is_dir("/var/spool/lock")) { - exec("/bin/mkdir -p /var/spool/lock"); - exec("/bin/chmod a+rw /var/spool/lock/."); + mkdir("/var/spool/lock", 0777, true); } // mpd5 modem chat script expected in the same directory as the mpd_xxx.conf files if (!file_exists("{$g['varetc_path']}/mpd.script")) - mwexec("/bin/ln -s /usr/local/sbin/mpd.script {$g['varetc_path']}/."); + symlink("/usr/local/sbin/mpd.script", "{$g['varetc_path']}/."); if (is_array($config['ppps']['ppp']) && count($config['ppps']['ppp'])) { foreach ($config['ppps']['ppp'] as $pppid => $ppp) { @@ -1806,7 +1805,7 @@ EOD; /* Generate mpd.conf. If mpd_[interface].conf exists in the conf path, then link to it instead of generating a fresh conf file. */ if (file_exists("{$g['conf_path']}/mpd_{$interface}.conf")) - mwexec("/bin/ln -s {$g['conf_path']}/mpd_{$interface}.conf {$g['varetc_path']}/."); + symlink("{$g['conf_path']}/mpd_{$interface}.conf", "{$g['varetc_path']}/."); else { $fd = fopen("{$g['varetc_path']}/mpd_{$interface}.conf", "w"); if (!$fd) { @@ -1823,13 +1822,13 @@ EOD; if (isset($ppp['uptime'])) { if (!file_exists("/conf/{$pppif}.log")) { conf_mount_rw(); - mwexec("echo /dev/null > /conf/{$pppif}.log"); + file_put_contents("/conf/{$pppif}.log", ''); conf_mount_ro(); } } else { if (file_exists("/conf/{$pppif}.log")) { conf_mount_rw(); - mwexec("rm -f /conf/{$pppif}.log"); + unlink("/conf/{$pppif}.log"); conf_mount_ro(); } } @@ -1841,7 +1840,8 @@ EOD; } /* fire up mpd */ - mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/{$ppp['type']}_{$interface}.pid -s ppp {$ppp['type']}client"); + mwexec("/usr/local/sbin/mpd5 -b -k -d {$g['varetc_path']} -f mpd_{$interface}.conf -p {$g['varrun_path']}/" . + escapeshellarg($ppp['type']) . "_{$interface}.pid -s ppp " . escapeshellarg($ppp['type']) . "client"); // Check for PPPoE periodic reset request if ($type == "pppoe") { @@ -1853,7 +1853,7 @@ EOD; /* wait for upto 10 seconds for the interface to appear (ppp(oe)) */ $i = 0; while($i < 10) { - exec("/sbin/ifconfig {$ppp['if']} 2>&1", $out, $ret); + exec("/sbin/ifconfig " . escapeshellarg($ppp['if']) . " 2>&1", $out, $ret); if($ret == 0) break; sleep(1); @@ -2159,14 +2159,14 @@ function interface_carp_configure(&$vip) { $advbase = ""; if (!empty($vip['advbase'])) - $advbase = "advbase {$vip['advbase']}"; + $advbase = "advbase " . escapeshellarg($vip['advbase']); if (is_ipaddrv4($vip['subnet'])) - mwexec("/sbin/ifconfig {$realif} {$vip['subnet']}/{$vip['subnet_bits']} alias"); + mwexec("/sbin/ifconfig {$realif} " . escapeshellarg($vip['subnet']) . "/" . escapeshellarg($vip['subnet_bits']) . " alias"); else if (is_ipaddrv6($vip['subnet'])) - mwexec("/sbin/ifconfig {$realif} inet6 {$vip['subnet']} prefixlen {$vip['subnet_bits']}"); + mwexec("/sbin/ifconfig {$realif} inet6 " . escapeshellarg($vip['subnet']) . " prefixlen " . escapeshellarg($vip['subnet_bits'])); - mwexec("/sbin/ifconfig {$realif} vhid {$vip['vhid']} advskew {$vip['advskew']} {$advbase} {$password}"); + mwexec("/sbin/ifconfig {$realif} vhid " . escapeshellarg($vip['vhid']) . " advskew " . escapeshellarg($vip['advskew']) . " {$advbase} {$password}"); return $realif; } @@ -2194,7 +2194,7 @@ function interface_wireless_clone($realif, $wlcfg) { } $baseif = interface_get_wireless_base($wlcfg['if']); if(does_interface_exist($realif)) { - exec("/sbin/ifconfig {$realif}", $output, $ret); + exec("/sbin/ifconfig " . escapeshellarg($realif), $output, $ret); $ifconfig_str = implode($output); if(($wlcfg_mode == "hostap") && (! preg_match("/hostap/si", $ifconfig_str))) { log_error(sprintf(gettext("Interface %s changed to hostap mode"), $realif)); @@ -2696,7 +2696,7 @@ EOD; if ( !empty($friendly_if) && $config['interfaces'][$friendly_if]['wireless']['mode'] == "bss" && isset($config['interfaces'][$friendly_if]['wireless']['wpa']['enable']) ) { - mwexec("/bin/sh {$g['tmp_path']}/{$clone_if}_setup.sh"); + mwexec("/bin/sh {$g['tmp_path']}/" . escapeshellarg($clone_if) . "_setup.sh"); } } } @@ -2704,16 +2704,16 @@ EOD; /* The mode must be specified in a separate command before ifconfig * will allow the mode and channel at the same time in the next. */ - mwexec("/sbin/ifconfig {$if} mode " . escapeshellarg($standard)); + mwexec("/sbin/ifconfig " . escapeshellarg($if) . " mode " . escapeshellarg($standard)); /* configure wireless */ $wlcmd_args = implode(" ", $wlcmd); - mwexec("/sbin/ifconfig {$if} $wlcmd_args", false); + mwexec("/sbin/ifconfig " . escapeshellarg($if) . " " . $wlcmd_args, false); sleep(1); /* execute hostapd and wpa_supplicant if required in shell */ - mwexec("/bin/sh {$g['tmp_path']}/{$if}_setup.sh"); + mwexec("/bin/sh {$g['tmp_path']}/" . escapeshellarg($if) . "_setup.sh"); return 0; @@ -3016,7 +3016,7 @@ function interface_configure($interface = "wan", $reloadall = false, $linkupeven if (is_ipaddrv6($wancfg['ipaddrv6']) && $wancfg['subnetv6'] <> "") { //pfSense_interface_setaddress($realif, "{$wancfg['ipaddrv6']}/{$wancfg['subnetv6']}"); // FIXME: Add IPv6 Support to the pfSense module - mwexec("/sbin/ifconfig {$realif} inet6 {$wancfg['ipaddrv6']} prefixlen {$wancfg['subnetv6']} "); + mwexec("/sbin/ifconfig " . escapeshellarg($realif) . " inet6 {$wancfg['ipaddrv6']} prefixlen " . escapeshellarg($wancfg['subnetv6'])); } break; } @@ -3973,7 +3973,7 @@ function is_interface_group($if) { function interface_group_add_member($interface, $groupname) { $interface = get_real_interface($interface); - mwexec("/sbin/ifconfig {$interface} group {$groupname}", true); + mwexec("/sbin/ifconfig {$interface} group " . escapeshellarg($groupname), true); } /* COMPAT Function */ diff --git a/etc/inc/ipsec.attributes.php b/etc/inc/ipsec.attributes.php index 7e7ce2e..e30fc4c 100644 --- a/etc/inc/ipsec.attributes.php +++ b/etc/inc/ipsec.attributes.php @@ -177,7 +177,7 @@ $rules = parse_cisco_acl($attributes); if (!empty($rules)) { $pid = posix_getpid(); @file_put_contents("/tmp/ipsec_{$pid}{$common_name}.rules", $rules); - mwexec("/sbin/pfctl -a \"ipsec/{$common_name}\" -f {$g['tmp_path']}/ipsec_{$pid}{$common_name}.rules"); + mwexec("/sbin/pfctl -a \"ipsec/" . escapeshellarg($common_name) . "\" -f {$g['tmp_path']}/ipsec_{$pid}" . escapeshellarg($common_name) . ".rules"); @unlink("{$g['tmp_path']}/ipsec_{$pid}{$common_name}.rules"); } diff --git a/etc/inc/openvpn.attributes.php b/etc/inc/openvpn.attributes.php index 2f7e121..31ec7f5 100644 --- a/etc/inc/openvpn.attributes.php +++ b/etc/inc/openvpn.attributes.php @@ -179,7 +179,7 @@ $rules = parse_cisco_acl($attributes); if (!empty($rules)) { $pid = posix_getpid(); @file_put_contents("/tmp/ovpn_{$pid}{$common_name}.rules", $rules); - mwexec("/sbin/pfctl -a \"openvpn/{$common_name}\" -f {$g['tmp_path']}/ovpn_{$pid}{$common_name}.rules"); + mwexec("/sbin/pfctl -a \"openvpn/" . escapeshellarg($common_name) . "\" -f {$g['tmp_path']}/ovpn_{$pid}" . escapeshellarg($common_name) . ".rules"); @unlink("{$g['tmp_path']}/ovpn_{$pid}{$common_name}.rules"); } diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 509089b..c9f67d5 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -420,13 +420,13 @@ function openvpn_reconfigure($mode, $settings) { /* create the tap device if required */ if (!file_exists("/dev/{$tunname}")) - exec("/sbin/ifconfig {$tunname} create"); + exec("/sbin/ifconfig " . escapeshellarg($tunname) . " create"); /* rename the device */ - mwexec("/sbin/ifconfig {$tunname} name {$devname}"); + mwexec("/sbin/ifconfig " . escapeshellarg($tunname) . " name " . escapeshellarg($devname)); /* add the device to the openvpn group */ - mwexec("/sbin/ifconfig {$devname} group openvpn"); + mwexec("/sbin/ifconfig " . escapeshellarg($devname) . " group openvpn"); } $pfile = $g['varrun_path'] . "/openvpn_{$mode_id}.pid"; @@ -809,7 +809,7 @@ function openvpn_restart($mode, $settings) { /* start the new process */ $fpath = $g['varetc_path']."/openvpn/{$mode_id}.conf"; openvpn_clear_route($mode, $settings); - mwexec_bg("/usr/local/sbin/openvpn --config {$fpath}"); + mwexec_bg("/usr/local/sbin/openvpn --config " . escapeshellarg($fpath)); if (!$g['booting']) send_event("filter reload"); @@ -845,13 +845,13 @@ function openvpn_delete($mode, & $settings) { } /* remove the device from the openvpn group */ - mwexec("/sbin/ifconfig {$devname} -group openvpn"); + mwexec("/sbin/ifconfig " . escapeshellarg($devname) . " -group openvpn"); /* restore the original adapter name */ - mwexec("/sbin/ifconfig {$devname} name {$tunname}"); + mwexec("/sbin/ifconfig " . escapeshellarg($devname) . " name " . escapeshellarg($tunname)); /* remove the configuration files */ - mwexec("/bin/rm {$g['varetc_path']}/openvpn/{$mode_id}.*"); + array_map('unlink', glob("{$g['varetc_path']}/openvpn/{$mode_id}.*")); } function openvpn_cleanup_csc($common_name) { diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index da904b5..0e372f4 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -354,7 +354,7 @@ function get_pfsync_interface_status($pfsyncinterface) { * add_rule_to_anchor($anchor, $rule): adds the specified rule to an anchor */ function add_rule_to_anchor($anchor, $rule, $label) { - mwexec("echo " . $rule . " | /sbin/pfctl -a " . $anchor . ":" . $label . " -f -"); + mwexec("echo " . escapeshellarg($rule) . " | /sbin/pfctl -a " . escapeshellarg($anchor) . ":" . escapeshellarg($label) . " -f -"); } /* @@ -623,7 +623,7 @@ if (!function_exists('php_check_syntax')){ if (!function_exists('php_check_syntax')){ function php_check_syntax($code_to_check, &$errormessage){ return false; - $command = "/usr/local/bin/php -l " . $code_to_check; + $command = "/usr/local/bin/php -l " . escapeshellarg($code_to_check); $output = exec_command($command); if (stristr($output, "Errors parsing") == false) { echo "false\n"; @@ -1470,7 +1470,7 @@ function add_hostname_to_watch($hostname) { if((is_fqdn($hostname)) && (!is_ipaddr($hostname))) { $domrecords = array(); $domips = array(); - exec("host -t A $hostname", $domrecords, $rethost); + exec("host -t A " . escapeshellarg($hostname), $domrecords, $rethost); if($rethost == 0) { foreach($domrecords as $domr) { $doml = explode(" ", $domr); @@ -1547,7 +1547,7 @@ function compare_hostname_to_dnscache($hostname) { if((is_fqdn($hostname)) && (!is_ipaddr($hostname))) { $domrecords = array(); $domips = array(); - exec("host -t A $hostname", $domrecords, $rethost); + exec("host -t A " . escapeshellarg($hostname), $domrecords, $rethost); if($rethost == 0) { foreach($domrecords as $domr) { $doml = explode(" ", $domr); @@ -1892,7 +1892,7 @@ function update_alias_url_data() { $temp_filename = tempnam("{$g['tmp_path']}/", "alias_import"); unlink($temp_filename); $verify_ssl = isset($config['system']['checkaliasesurlcert']); - mwexec("/bin/mkdir -p {$temp_filename}"); + mkdir($temp_filename); download_file($alias_url, $temp_filename . "/aliases", $verify_ssl); /* if the item is tar gzipped then extract */ @@ -1934,7 +1934,7 @@ function update_alias_url_data() { function process_alias_unzip($temp_filename) { if(!file_exists("/usr/local/bin/unzip")) return; - mwexec("/bin/mv {$temp_filename}/aliases {$temp_filename}/aliases.zip"); + rename("{$temp_filename}/aliases", "{$temp_filename}/aliases.zip"); mwexec("/usr/local/bin/unzip {$temp_filename}/aliases.tgz -d {$temp_filename}/aliases/"); unlink("{$temp_filename}/aliases.zip"); $files_to_process = return_dir_as_array("{$temp_filename}/"); @@ -1951,7 +1951,7 @@ function process_alias_unzip($temp_filename) { function process_alias_tgz($temp_filename) { if(!file_exists("/usr/bin/tar")) return; - mwexec("/bin/mv {$temp_filename}/aliases {$temp_filename}/aliases.tgz"); + rename("{$temp_filename}/aliases", "{$temp_filename}/aliases.tgz"); mwexec("/usr/bin/tar xzf {$temp_filename}/aliases.tgz -C {$temp_filename}/aliases/"); unlink("{$temp_filename}/aliases.tgz"); $files_to_process = return_dir_as_array("{$temp_filename}/"); @@ -2089,7 +2089,7 @@ function process_alias_urltable($name, $url, $freq, $forceupdate=false) { } unlink_if_exists($urltable_filename . ".tmp"); } else - mwexec("/usr/bin/touch {$urltable_filename}"); + touch($urltable_filename); conf_mount_ro(); return true; } else { @@ -2182,10 +2182,10 @@ function nanobsd_update_fstab($gslice, $complete_path, $oldufs, $newufs) { $tmppath = "/tmp/{$gslice}"; $fstabpath = "/tmp/{$gslice}/etc/fstab"; - exec("/bin/mkdir {$tmppath}"); + mkdir($tmppath); exec("/sbin/fsck_ufs -y /dev/{$complete_path}"); exec("/sbin/mount /dev/ufs/{$gslice} {$tmppath}"); - exec("/bin/cp /etc/fstab {$fstabpath}"); + copy("/etc/fstab", $fstabpath); if (!file_exists($fstabpath)) { $fstab = <<<EOF @@ -2200,7 +2200,7 @@ EOF; $status = exec("sed -i \"\" \"s/pfsense{$oldufs}/pfsense{$newufs}/g\" {$fstabpath}"); } exec("/sbin/umount {$tmppath}"); - exec("/bin/rmdir {$tmppath}"); + rmdir($tmppath); return $status; } diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index 41e7286..b7f39f1 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -103,7 +103,7 @@ function remove_freebsd_package($packagestring) { // as displayed by the pbi_info utility. e.g. "package-1.2.3_4-i386" // It must NOT have ".pbi" on the end. putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"); - exec("/usr/local/sbin/pbi_info {$packagestring} | /usr/bin/awk '/Prefix/ {print $2}'",$pbidir); + exec("/usr/local/sbin/pbi_info " . escapeshellarg($packagestring) . " | /usr/bin/awk '/Prefix/ {print $2}'",$pbidir); $pbidir = $pbidir[0]; if ($pbidir == "") { log_error("PBI dir for {$packagestring} was not found - cannot cleanup PBI files"); @@ -128,7 +128,7 @@ function remove_freebsd_package($packagestring) { } } - exec("/usr/local/sbin/pbi_delete {$packagestring} 2>>/tmp/pbi_delete_errors.txt"); + exec("/usr/local/sbin/pbi_delete " . escapeshellarg($packagestring) . " 2>>/tmp/pbi_delete_errors.txt"); } } @@ -279,7 +279,7 @@ function is_freebsd_pkg_installed($pkg) { return; $output = ""; putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"); - exec("/usr/local/sbin/pbi_info \"{$pkg}\"", $output, $retval); + exec("/usr/local/sbin/pbi_info \"" . escapeshellarg($pkg) . "\"", $output, $retval); return (intval($retval) == 0); } @@ -566,10 +566,10 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = $pkgaddout = ""; putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"); - exec("/usr/local/sbin/pbi_add {$pkgstaging} -f -v --no-checksig {$fetchto} 2>&1", $pkgaddout); + exec("/usr/local/sbin/pbi_add " . escapeshellarg($pkgstaging) . " -f -v --no-checksig " . escapeshellarg($fetchto) . " 2>&1", $pkgaddout); pkg_debug($pkgname . " " . print_r($pkgaddout, true) . "\npbi_add successfully completed.\n"); setup_library_paths(); - exec("/usr/local/sbin/pbi_info " . preg_replace('/\.pbi$/','',$filename) . " | /usr/bin/awk '/Prefix/ {print $2}'",$pbidir); + exec("/usr/local/sbin/pbi_info " . escapeshellarg(preg_replace('/\.pbi$/','',$filename)) . " | /usr/bin/awk '/Prefix/ {print $2}'",$pbidir); $pbidir = $pbidir[0]; $linkdirs = array('bin','sbin'); foreach($linkdirs as $dir) { @@ -802,7 +802,7 @@ function install_package_xml($pkg) { if(stristr($filename, ".tgz") <> "") { pkg_debug(gettext("Extracting tarball to -C for ") . $filename . "...\n"); $tarout = ""; - exec("/usr/bin/tar xvzf " . $prefix . $filename . " -C / 2>&1", $tarout); + exec("/usr/bin/tar xvzf " . escapeshellarg($prefix . $filename) . " -C / 2>&1", $tarout); pkg_debug(print_r($tarout, true) . "\n"); } if($pkg_chmod <> "") { @@ -861,7 +861,7 @@ function install_package_xml($pkg) { putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"); exec("/usr/local/sbin/pbi_info | grep '^{$pkg_name_for_pbi_match}' | xargs /usr/local/sbin/pbi_info | awk '/Prefix/ {print $2}'",$pbidirarray); $pbidir0 = $pbidirarray[0]; - exec("find /usr/local/etc/ -name *.conf | grep \"{$pkg}\"",$files); + exec("find /usr/local/etc/ -name *.conf | grep '" . escapeshellarg($pkg) . "'",$files); foreach($files as $f) { $pbiconf = str_replace('/usr/local',$pbidir0,$f); if(is_file($pbiconf) || is_link($pbiconf)) { diff --git a/etc/inc/rrd.inc b/etc/inc/rrd.inc index d09ef82..a66120a 100644 --- a/etc/inc/rrd.inc +++ b/etc/inc/rrd.inc @@ -37,9 +37,9 @@ function dump_rrd_to_xml($rrddatabase, $xmldumpfile) { $rrdtool = "/usr/bin/nice -n20 /usr/local/bin/rrdtool"; if(file_exists($xmldumpfile)) - mwexec("rm {$xmldumpfile}"); + unlink($xmldumpfile); - exec("$rrdtool dump {$rrddatabase} {$xmldumpfile} 2>&1", $dumpout, $dumpret); + exec("$rrdtool dump " . escapeshellarg($rrddatabase) . " {$xmldumpfile} 2>&1", $dumpout, $dumpret); if ($dumpret <> 0) { $dumpout = implode(" ", $dumpout); log_error(sprintf(gettext('RRD dump failed exited with %1$s, the error is: %2$s'), $dumpret, $dumpout)); diff --git a/etc/inc/service-utils.inc b/etc/inc/service-utils.inc index 324eae7..446f60c 100644 --- a/etc/inc/service-utils.inc +++ b/etc/inc/service-utils.inc @@ -67,7 +67,7 @@ function write_rcfile($params) { $tokill =& $params['stop']; } else if(!empty($params['executable'])) { /* just nuke the executable */ - $tokill = "/usr/bin/killall {$params['executable']}"; + $tokill = "/usr/bin/killall " . escapeshellarg($params['executable']); } else { /* make an educated guess (bad) */ $tokill = array_pop(explode('/', array_shift(explode(' ', $params['start'])))); diff --git a/etc/inc/shaper.inc b/etc/inc/shaper.inc index b2e4451..bbe3da8 100644 --- a/etc/inc/shaper.inc +++ b/etc/inc/shaper.inc @@ -4093,7 +4093,7 @@ function generate_layer7_files() { if (!is_module_loaded("ipdivert.ko")) mwexec("/sbin/kldload ipdivert.ko"); - mwexec("rm -f {$g['tmp_path']}/*.l7"); + array_map('unlink', glob("{$g['tmp_path']}/*.l7")); } foreach($layer7_rules_list as $l7rules) { diff --git a/etc/inc/system.inc b/etc/inc/system.inc index edd8463..2a7c80a 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -384,7 +384,7 @@ function system_routing_configure($interface = "") { $foundgwv6 = false; /* tack on all the hard defined gateways as well */ if (is_array($config['gateways']['gateway_item'])) { - mwexec("/bin/rm -f {$g['tmp_path']}/*_defaultgw {$g['tmp_path']}/*_defaultgwv6", true); + array_map('unlink', glob("{$g['tmp_path']}/*_defaultgw{,v6}", GLOB_BRACE)); foreach ($config['gateways']['gateway_item'] as $gateway) { if (isset($gateway['defaultgw'])) { if ($gateway['ipprotocol'] != "inet6" && (is_ipaddrv4($gateway['gateway']) || $gateway['gateway'] == "dynamic")) { @@ -938,8 +938,7 @@ function system_generate_lighty_config($filename, $captive_portal_mod_evasive = "evasive.max-conns-per-ip = {$maxprocperip}"; $server_upload_dirs = "server.upload-dirs = ( \"{$g['tmp_path']}/captiveportal/\" )\n"; - exec("mkdir -p {$g['tmp_path']}/captiveportal"); - exec("chmod a-w {$g['tmp_path']}/captiveportal"); + mkdir("{$g['tmp_path']}/captiveportal", 0555); $server_max_request_size = "server.max-request-size = 384"; $cgi_config = ""; } else { @@ -1431,7 +1430,7 @@ function system_ntp_configure($start_ntpd=true) { /* if /var/empty does not exist, create it */ if(!is_dir("/var/empty")) - exec("/bin/mkdir -p /var/empty && chmod ug+rw /var/empty/."); + mkdir("/var/empty", 0775, true); /* start opentpd, set time now and use /var/etc/ntpd.conf */ mwexec("/usr/local/sbin/ntpd -g -c {$g['varetc_path']}/ntpd.conf -p {$g['varrun_path']}/ntpd.pid", false, true); diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index a43422f..088a672 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -1991,7 +1991,7 @@ function upgrade_054_to_055() { /* restore the databases, if we have one */ if (restore_rrd()) { /* Make sure to move the rrd backup out of the way. We will make a new one after converting. */ - exec("/bin/mv {$g['cf_conf_path']}/rrd.tgz {$g['cf_conf_path']}/backup"); + rename("{$g['cf_conf_path']}/rrd.tgz", "{$g['cf_conf_path']}/backup"); } } @@ -2657,7 +2657,7 @@ function upgrade_080_to_081() { /* restore the databases, if we have one */ if (restore_rrd()) { /* Make sure to move the rrd backup out of the way. We will make a new one after converting. */ - exec("/bin/mv {$g['cf_conf_path']}/rrd.tgz {$g['cf_conf_path']}/backup"); + rename("{$g['cf_conf_path']}/rrd.tgz", "{$g['cf_conf_path']}/backup"); } } @@ -3107,7 +3107,7 @@ function upgrade_095_to_096() { /* restore the databases, if we have one */ if (restore_rrd()) { /* Make sure to move the rrd backup out of the way. We will make a new one after converting. */ - exec("/bin/mv {$g['cf_conf_path']}/rrd.tgz {$g['cf_conf_path']}/backup"); + rename("{$g['cf_conf_path']}/rrd.tgz", "{$g['cf_conf_path']}/backup"); } } diff --git a/etc/inc/util.inc b/etc/inc/util.inc index eae3e9f..e391f37 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -52,7 +52,7 @@ function isvalidpid($pidfile) { function is_process_running($process) { $output = ""; - exec("/bin/pgrep -anx {$process}", $output, $retval); + exec("/bin/pgrep -anx " . escapeshellarg($process), $output, $retval); return (intval($retval) == 0); } @@ -65,7 +65,7 @@ function isvalidproc($proc) { /* return 1 for success and 0 for a failure */ function sigkillbypid($pidfile, $sig) { if (file_exists($pidfile)) - return mwexec("/bin/pkill -{$sig} -F {$pidfile}", true); + return mwexec("/bin/pkill " . escapeshellarg("-{$sig}") . " -F {$pidfile}", true); return 0; } @@ -73,7 +73,7 @@ function sigkillbypid($pidfile, $sig) { /* kill a process by name */ function sigkillbyname($procname, $sig) { if(isvalidproc($procname)) - return mwexec("/usr/bin/killall -{$sig} " . escapeshellarg($procname), true); + return mwexec("/usr/bin/killall " . escapeshellarg("-{$sig}") . " " . escapeshellarg($procname), true); } /* kill a process by name */ @@ -1163,7 +1163,7 @@ function log_auth($error) { ******/ function exec_command($command) { $output = array(); - exec($command . ' 2>&1 ', $output); + exec($command . ' 2>&1', $output); return(implode("\n", $output)); } @@ -1391,9 +1391,9 @@ function verify_digital_signature($fname) { /* obtain MAC address given an IP address by looking at the ARP table */ function arp_get_mac_by_ip($ip) { - mwexec("/sbin/ping -c 1 -t 1 {$ip}", true); + mwexec("/sbin/ping -c 1 -t 1 " . escapeshellarg($ip), true); $arpoutput = ""; - exec("/usr/sbin/arp -n {$ip}", $arpoutput); + exec("/usr/sbin/arp -n " . escapeshellarg($ip), $arpoutput); if ($arpoutput[0]) { $arpi = explode(" ", $arpoutput[0]); |
