[smokeping/f16] Add patch to fix CVE-2012-0790 (#783584)

terjeros terjeros at fedoraproject.org
Sun Jan 22 15:09:19 UTC 2012


commit 2d926ef980c5be41052f21f151950ab7af5d5c10
Author: Terje Røsten <terje.rosten at ntnu.no>
Date:   Sun Jan 22 16:08:31 2012 +0100

    Add patch to fix CVE-2012-0790 (#783584)

 smokeping-2.4.2-cve-2012-0790.patch |   68 +++++++++++++++++++++++++++++++++++
 1 files changed, 68 insertions(+), 0 deletions(-)
---
diff --git a/smokeping-2.4.2-cve-2012-0790.patch b/smokeping-2.4.2-cve-2012-0790.patch
new file mode 100644
index 0000000..5923a70
--- /dev/null
+++ b/smokeping-2.4.2-cve-2012-0790.patch
@@ -0,0 +1,68 @@
+--- smokeping-2.6.6/lib/Smokeping.pm	2011-11-12 04:00:24.000000000 -0700
++++ smokeping-2.6.6/lib/Smokeping.pm	2012-01-11 01:48:43.000000000 -0700
+@@ -168,8 +168,10 @@ sub cgiurl {
+ sub hierarchy ($){
+     my $q = shift;
+     my $hierarchy = '';
++    my $h = $q->param('hierarchy');
+     if ($q->param('hierarchy')){
+-       $hierarchy = 'hierarchy='.$q->param('hierarchy').';';
++       $h =~ s/[<>&%]/./g;
++       $hierarchy = 'hierarchy='.$h.';';
+     }; 
+     return $hierarchy;
+ }        
+@@ -210,6 +212,7 @@ sub update_dynaddr ($$){
+     my $address = $ENV{REMOTE_ADDR};
+     my $targetptr = $cfg->{Targets};
+     foreach my $step (@target){
++        $step =~ s/[<>&%]/./g; 
+         return "Error: Unknown target $step" 
+           unless defined $targetptr->{$step};
+         $targetptr =  $targetptr->{$step};
+@@ -1044,7 +1047,7 @@ sub get_detail ($$$$;$){
+     my $tree = shift;
+     my $open = shift;
+     my $mode = shift || $q->param('displaymode') || 's';
+-    
++    $mode =~ s/[<>&%]/./g; 
+     my $phys_tree = $tree;
+     my $phys_open = $open;    
+     if ($tree->{__tree_link}){
+@@ -1443,13 +1446,15 @@ sub get_detail ($$$$;$){
+         } elsif ($mode eq 's') { # classic mode
+             $startstr =~ s/\s/%20/g;
+             $endstr =~ s/\s/%20/g;
++            my $t = $q->param('target');
++            $t =~ s/[<>&%]/./g; 
+             for my $slave (@slaves){
+                 my $s = $slave ? "~$slave" : "";
+                 $page .= "<div>";
+ #           $page .= (time-$timer_start)."<br/>";
+ #           $page .= join " ",map {"'$_'"} @task;
+                 $page .= "<br/>";
+-                $page .= ( qq{<a href="}.cgiurl($q,$cfg)."?".hierarchy($q).qq{displaymode=n;start=$startstr;end=now;}."target=".$q->param('target').$s.'">'
++                $page .= ( qq{<a href="}.cgiurl($q,$cfg)."?".hierarchy($q).qq{displaymode=n;start=$startstr;end=now;}."target=".$t.$s.'">'
+                       . qq{<IMG BORDER="0" SRC="${imghref}${s}_${end}_${start}.png">}."</a>" ); #"
+                 $page .= "</div>";
+             }
+@@ -1593,8 +1598,10 @@ sub display_webpage($$){
+     my $cfg = shift;
+     my $q = shift;
+     my $targ = '';
+-    if ( $q->param('target') and $q->param('target') !~ /\.\./ and $q->param('target') =~ /(\S+)/){
++    my $t = $q->param('target');
++    if ( $t and $t !~ /\.\./ and $t =~ /(\S+)/){
+         $targ = $1;
++        $targ =~ s/[<>;%]/./g;
+     }
+     my ($path,$slave) = split(/~/,$targ);
+     if ($slave and $slave =~ /(\S+)/){
+@@ -1603,6 +1610,7 @@ sub display_webpage($$){
+         $slave = $1;
+     }
+     my $hierarchy = $q->param('hierarchy');
++    $hierarchy =~ s/[<>;%]/./g;
+     die "ERROR: unknown hierarchy $hierarchy\n" 
+ 	if $hierarchy and not $cfg->{Presentation}{hierarchies}{$hierarchy};
+     my $open = [ (split /\./,$path||'') ];
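Review bot: `$hierarchy =~ s/[<>;%]/./g;` in display_webpage runs on an undefined value whenever the `hierarchy` parameter is absent, and the same applies to `my $t = $q->param('target'); $t =~ s/[<>&%]/./g;` in the classic-mode branch of get_detail, so every request without those parameters will log a "Use of uninitialized value" warning under `use warnings`; guard them, e.g. `$hierarchy =~ s/[<>;%]/./g if defined $hierarchy;`. The two character classes also differ (`[<>&%]` in hierarchy, update_dynaddr and get_detail versus `[<>;%]` in display_webpage) with no comment saying why, which means `&` passes through in display_webpage and `;` passes through into the `hierarchy=...;` query fragment that hierarchy() builds. Neither class covers `"`, yet the hierarchy and target values are concatenated into an `href="..."` attribute in get_detail, so the substitution does not protect the attribute boundary; HTML-escaping at the point of output (the CGI object presumably offers escapeHTML) or validating the parameters against an allowlist of expected characters would be more robust than a blocklist replaced with dots. All of the patched subroutines start and end outside the quoted context.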

