reworked QUERY_STRING management to further fix some potential security

flaws.
homematic-community · Dec 13, 2022 · 8ad3a50 · 8ad3a50
1 parent f9fbdca
commit 8ad3a50
Show file tree

Hide file tree

Showing 12 changed files with 71 additions and 88 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.7.4
+1.7.5
diff --git a/www/backup.cgi b/www/backup.cgi
@@ -7,8 +7,6 @@
 #
 ###
 
-load tclrega.so
-source querystring.tcl
 source session.tcl
 
 puts "Content-Type: text/plain; charset=iso-8859-1"

diff --git a/www/config_js.cgi b/www/config_js.cgi
@@ -8,8 +8,6 @@
 # @license Public Domain
 ##
 
-load tclrega.so
-source querystring.tcl
 source session.tcl
 source /etc/config/addons/email/config.tcl
 

diff --git a/www/index.html b/www/index.html
@@ -186,7 +186,7 @@
       </tr>
       <tr>
         <td>Version:</td>
-        <td align="right"><iframe width="55" height="25" scrolling="no" frameborder="0" src="VERSION.txt"></iframe></td>
+        <td align="right"><iframe width="70" height="25" scrolling="no" frameborder="0" src="VERSION.txt"></iframe></td>
       </tr>
       <tr>
         <td>Autoren:</td>

diff --git a/www/logfile.html b/www/logfile.html
@@ -1,20 +1,20 @@
-<!doctype html>
-<html>
-<head>
-<meta content="10;URL=/addons/email/logfile.html" http-equiv="Refresh">
-<meta http-equiv="expires" content="0">
-<title>Logfile</title>
-<link rel="stylesheet" type="text/css" href="style.css" />
-<script LANGUAGE="JavaScript">
-<!--
-function reload_main(){
-var uri=location.href; 
-location.href=uri;
-}
-//-->
-</script>
-</head>
-<body>
-<iframe name='logdisplay' src='/addons/email/log/email.log' width='100%' height='80' scrolling='yes' frameborder='0' style='background-color:transparent;border:0px solid #11cccc;padding:0px;'></iframe></td></tr>
-</body>
-</html>
+<!doctype html>
+<html>
+<head>
+<meta content="10;URL=/addons/email/logfile.html" http-equiv="Refresh">
+<meta http-equiv="expires" content="0">
+<title>Logfile</title>
+<link rel="stylesheet" type="text/css" href="style.css" />
+<script LANGUAGE="JavaScript">
+<!--
+function reload_main(){
+var uri=location.href; 
+location.href=uri;
+}
+//-->
+</script>
+</head>
+<body>
+<iframe name='logdisplay' src='/addons/email/log/email.log' width='100%' height='80' scrolling='yes' frameborder='0' style='background-color:transparent;border:0px solid #11cccc;padding:0px;'></iframe></td></tr>
+</body>
+</html>
diff --git a/www/messages.html b/www/messages.html
@@ -1,19 +1,19 @@
-<!doctype html>
-<html>
-<head>
-<meta content="10;URL=/addons/email/messages.html" http-equiv="Refresh"> 
-<meta http-equiv="expires" content="0">
-<title>Logfile</title>
-<script LANGUAGE="JavaScript">
-<!--
-function reload_main(){
-var uri=location.href; 
-location.href=uri;
-}
-//-->
-</script>
-</head>
-<body>
-<iframe name='logdisplay1' src='/addons/email/syslog.cgi?filter=msmtp' width='100%' height='80' scrolling='yes' frameborder='0' style='background-color:transparent;border:0px solid #11cccc;padding:0px;'></iframe></td></tr>
-</body>
-</html>
+<!doctype html>
+<html>
+<head>
+<meta content="10;URL=/addons/email/messages.html" http-equiv="Refresh"> 
+<meta http-equiv="expires" content="0">
+<title>Logfile</title>
+<script LANGUAGE="JavaScript">
+<!--
+function reload_main(){
+var uri=location.href; 
+location.href=uri;
+}
+//-->
+</script>
+</head>
+<body>
+<iframe name='logdisplay1' src='/addons/email/syslog.cgi' width='100%' height='80' scrolling='yes' frameborder='0' style='background-color:transparent;border:0px solid #11cccc;padding:0px;'></iframe></td></tr>
+</body>
+</html>
diff --git a/www/querystring.tcl b/www/querystring.tcl
diff --git a/www/save.cgi b/www/save.cgi
@@ -34,9 +34,7 @@
 # @license Public Domain
 ##
 
-load tclrega.so
 source session.tcl
-source querystring.tcl
 
 puts "Content-Type: text/plain; charset=iso-8859-1"
 puts ""

diff --git a/www/session.tcl b/www/session.tcl
@@ -2,6 +2,18 @@
 
 load tclrega.so
 
+catch {
+  set input $env(QUERY_STRING)
+  set pairs [split $input &]
+  set sid ""
+  foreach pair $pairs {
+    if {0 != [regexp "^sid=(@.*@)$" $pair dummy val]} {
+      set sid $val
+      break
+    }
+  }
+}
+
 proc check_session sid {
   if {[regexp {@([0-9a-zA-Z]{10})@} $sid all sidnr]} {
     set res [lindex [rega_script "Write(system.GetSessionVarStr('$sidnr'));"] 1]

diff --git a/www/syslog.cgi b/www/syslog.cgi
@@ -1,28 +1,18 @@
-#!/bin/tclsh
-
-set logfile "/var/log/messages"
-set filter *
-
-catch {
-  set input $env(QUERY_STRING)
-  set pairs [split $input &]
-  foreach pair $pairs {
-    if {0 != [regexp "^(\[^=]*)=(.*)$" $pair dummy varname val]} {
-      set $varname $val
-    }
-  }
-}
-
-puts "Content-Type: text/plain;Charset=ISO-8859-1"
-puts ""
-
-if {[catch {open "$logfile" r} fd]} {
-  puts "ERROR open($logfile) $fd"
-} else {
-  while {[gets $fd line] >= 0} {
-    if {[string match -nocase "*$filter*" $line]} {
-      puts $line
-    }
-  }
-  close $fd
-}
+#!/bin/tclsh
+
+set logfile "/var/log/messages"
+set filter "msmtp"
+
+puts "Content-Type: text/plain; charset=iso-8859-1"
+puts ""
+
+if {[catch {open "$logfile" r} fd]} {
+  puts "ERROR open($logfile) $fd"
+} else {
+  while {[gets $fd line] >= 0} {
+    if {[string match -nocase "*$filter*" $line]} {
+      puts $line
+    }
+  }
+  close $fd
+}
diff --git a/www/testmail.cgi b/www/testmail.cgi
@@ -7,8 +7,6 @@
 # @license Public Domain
 ##
 
-load tclrega.so
-source querystring.tcl
 source session.tcl
 
 puts "Content-Type: text/plain; charset=iso-8859-1"

diff --git a/www/testtcl.cgi b/www/testtcl.cgi
@@ -7,8 +7,6 @@
 #
 ###
 
-load tclrega.so
-source querystring.tcl
 source session.tcl
 
 puts "Content-Type: text/plain; charset=iso-8859-1"