From c95ebfccc9bce5d8e48d5339d31b25d88a183fde Mon Sep 17 00:00:00 2001 From: ivan Date: Sat, 23 Sep 2000 18:08:45 +0000 Subject: [PATCH] fix for DoS vulnerability noted by Kevin S. Ho --- TODO | 10 ++++++++++ shift.cgi | 11 ++++++----- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/TODO b/TODO index 834f3d9..771ae48 100644 --- a/TODO +++ b/TODO @@ -1,3 +1,13 @@ +here's a one-liner to find duplicate inputbox'es: + +grep inputbox staffing.html | perl -pe '/inputbox\(\"(.*)\"\)/ or die; $_="$1\n";' | sort | uniq -d + +(though the program should probably error out) + +and here's another useful one: + + perl -ne 'if ( /^((.*)\s+)(\S+\@\S+)$/ ) { print "$1<$3>\n"; } else { print "$_\n"; }' P* + Delivered-To: ivan-fnf-planners@420.am To: phred@well.com, larryc@cloudfactory.org, fnf-planners@topica.com From: Rob Jellinghaus diff --git a/shift.cgi b/shift.cgi index b99b039..daf63ee 100755 --- a/shift.cgi +++ b/shift.cgi @@ -2,7 +2,7 @@ #!/usr/bin/perl -Tw # (Text::Template can't do -T, but no user input is used dangerously) # -# $Id: shift.cgi,v 1.2 2000-07-18 05:43:27 ivan Exp $ +# $Id: shift.cgi,v 1.3 2000-09-23 18:08:45 ivan Exp $ # # Copyright (C) 2000 Adam Gould # Copyright (C) 2000 Michal Migurski @@ -103,13 +103,14 @@ if ( $cgi->param() ) { foreach my $field ( @diff_fields ) { $shifthash{$field}='' unless defined $shifthash{$field}; if ( $shifthash{$field} eq $cgi->param($field. '_old') ) { - if ( $cgi->param($field. "_new") =~ - /\b(\w[\w\-\.\+]*\@(([\w\.\-]+\.)+\w+))\b/ - || $cgi->param($field. "_new") =~ /^\s*$/ + if ( $cgi->param($field. "_new") =~ + /^\s*(\w[\w\s\.\'\-]{0,99}?)\s*$/ + || $cgi->param($field. "_new") =~ /^\s*()$/ ) { + my $new = $1; open(FILE,">$data_directory/.new.$field") or die "Can't open file $data_directory/$field: $!"; - print FILE $cgi->param($field. "_new"); + print FILE $new; close FILE; rename "$data_directory/.new.$field", "$data_directory/$field"; $warning{$field} = ''; -- 2.11.0