From 276c480f5001465d994dacf6e30d1e1c2d0a3b0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Mon, 26 Sep 2022 23:40:09 +0200 Subject: [PATCH] Return default port if non-numeric characters are set in pihole-FTL.conf for FTLPORT. FTL does the same in such case and provide the API on 4711 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/utils.sh | 8 +++----- test/test_any_utils.py | 4 ++-- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/advanced/Scripts/utils.sh b/advanced/Scripts/utils.sh index ef7ad219..1174fa62 100755 --- a/advanced/Scripts/utils.sh +++ b/advanced/Scripts/utils.sh @@ -82,16 +82,14 @@ getFTLAPIPort(){ if [ -s "$FTLCONFFILE" ]; then # if FTLPORT is not set in pihole-FTL.conf, use the default port ftl_api_port="$({ grep '^FTLPORT=' "${FTLCONFFILE}" || echo "${DEFAULT_FTL_PORT}"; } | cut -d'=' -f2-)" - # Exploit prevention: unset the variable if there is malicious content - # Verify that the value read from the file is numeric - expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && unset ftl_api_port + # Exploit prevention: set the port to the default port if there is malicious (non-numeric) + # content set in pihole-FTL.conf + expr "${ftl_api_port}" : "[^[:digit:]]" > /dev/null && ftl_api_port="${DEFAULT_FTL_PORT}" else # if there is no pihole-FTL.conf, use the default port ftl_api_port="${DEFAULT_FTL_PORT}" fi - # If the ftl_api_port contained malicious stuff, substitute with -1 - ftl_api_port=${ftl_api_port:=-1} echo "${ftl_api_port}" } diff --git a/test/test_any_utils.py b/test/test_any_utils.py index 6a1146ee..5b4075d9 100644 --- a/test/test_any_utils.py +++ b/test/test_any_utils.py @@ -92,7 +92,7 @@ def test_getFTLAPIPort_custom(host): def test_getFTLAPIPort_malicious(host): - """Confirms getFTLAPIPort returns -1 if the setting in pihole-FTL.conf contains non-digits""" + """Confirms getFTLAPIPort returns 4711 if the setting in pihole-FTL.conf contains non-digits""" host.run( """ echo "FTLPORT=*$ssdfsd" > /etc/pihole/pihole-FTL.conf @@ -104,7 +104,7 @@ def test_getFTLAPIPort_malicious(host): getFTLAPIPort """ ) - expected_stdout = "-1\n" + expected_stdout = "4711\n" assert expected_stdout == output.stdout