diff options
author | Scott Ullrich <sullrich@su.local> | 2009-08-31 15:19:19 -0400 |
---|---|---|
committer | Scott Ullrich <sullrich@su.local> | 2009-08-31 15:19:19 -0400 |
commit | f9e06425eedae029ea2927e492dc64ef2b7d6469 (patch) | |
tree | 4f6f0a1eb8e5a9b99b5a171f4d728ed134699cc0 /usr | |
parent | 48b57191920c51de045bf712d5fb6fff64b429ad (diff) | |
download | pfsense-f9e06425eedae029ea2927e492dc64ef2b7d6469.zip pfsense-f9e06425eedae029ea2927e492dc64ef2b7d6469.tar.gz |
Add function that extracts etc/platform from an upgrade file and compares to the file on disk. This replaces the dumb filename platform check.
Diffstat (limited to 'usr')
-rwxr-xr-x | usr/local/www/system_firmware.php | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/usr/local/www/system_firmware.php b/usr/local/www/system_firmware.php index f488fbd..3eddb47 100755 --- a/usr/local/www/system_firmware.php +++ b/usr/local/www/system_firmware.php @@ -49,6 +49,19 @@ require_once("xmlrpc_client.inc"); ini_set('max_execution_time', '3600'); ini_set('max_input_time', '3600'); +function file_is_for_platform($filename) { + global $g; + exec("tar xzf $fiename -C /tmp/ etc/platform"); + if(!file_exists("/tmp/etc/platform")) + return false; + $upgrade_is_for_platform = trim(file_get_contents("/tmp/etc/platform")); + if($g['platform'] == $upgrade_is_for_platform) { + unlink_file("/tmp/etc/platform"); + return true; + } + return false; +} + /* if upgrade in progress, alert user */ if(file_exists($d_firmwarelock_path)) { $pgtitle = "System: Firmware: Manual Update"; @@ -95,7 +108,7 @@ if ($_POST && !file_exists($d_firmwarelock_path)) { } else if ($mode == "upgrade") { if (is_uploaded_file($_FILES['ulfile']['tmp_name'])) { /* verify firmware image(s) */ - if (!stristr($_FILES['ulfile']['name'], $g['platform']) && !$_POST['sig_override']) + if (!file_is_for_platform($_FILES['ulfile']['tmp_name']) && !$_POST['sig_override']) $input_errors[] = "The uploaded image file is not for this platform ({$g['platform']})."; else if (!file_exists($_FILES['ulfile']['tmp_name'])) { /* probably out of memory for the MFS */ |