mirror of
https://github.com/pi-hole/pi-hole.git
synced 2024-12-23 21:30:17 +00:00
Return default port if non-numeric characters are set in pihole-FTL.conf for FTLPORT. FTL does the same in such case and provide the API on 4711
Signed-off-by: Christian König <ckoenig@posteo.de>
This commit is contained in:
parent
25ba68104b
commit
276c480f50
2 changed files with 5 additions and 7 deletions
|
@ -82,16 +82,14 @@ getFTLAPIPort(){
|
|||
if [ -s "$FTLCONFFILE" ]; then
|
||||
# if FTLPORT is not set in pihole-FTL.conf, use the default port
|
||||
ftl_api_port="$({ grep '^FTLPORT=' "${FTLCONFFILE}" || echo "${DEFAULT_FTL_PORT}"; } | cut -d'=' -f2-)"
|
||||
# Exploit prevention: unset the variable if there is malicious content
|
||||
# Verify that the value read from the file is numeric
|
||||
expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && unset ftl_api_port
|
||||
# Exploit prevention: set the port to the default port if there is malicious (non-numeric)
|
||||
# content set in pihole-FTL.conf
|
||||
expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && ftl_api_port="${DEFAULT_FTL_PORT}"
|
||||
else
|
||||
# if there is no pihole-FTL.conf, use the default port
|
||||
ftl_api_port="${DEFAULT_FTL_PORT}"
|
||||
fi
|
||||
|
||||
# If the ftl_api_port contained malicious stuff, substitute with -1
|
||||
ftl_api_port=${ftl_api_port:=-1}
|
||||
echo "${ftl_api_port}"
|
||||
}
|
||||
|
||||
|
|
|
@ -92,7 +92,7 @@ def test_getFTLAPIPort_custom(host):
|
|||
|
||||
|
||||
def test_getFTLAPIPort_malicious(host):
|
||||
"""Confirms getFTLAPIPort returns -1 if the setting in pihole-FTL.conf contains non-digits"""
|
||||
"""Confirms getFTLAPIPort returns 4711 if the setting in pihole-FTL.conf contains non-digits"""
|
||||
host.run(
|
||||
"""
|
||||
echo "FTLPORT=*$ssdfsd" > /etc/pihole/pihole-FTL.conf
|
||||
|
@ -104,7 +104,7 @@ def test_getFTLAPIPort_malicious(host):
|
|||
getFTLAPIPort
|
||||
"""
|
||||
)
|
||||
expected_stdout = "-1\n"
|
||||
expected_stdout = "4711\n"
|
||||
assert expected_stdout == output.stdout
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue