From 0ef5cdafe2908bcb846323b31499e3783f20a243 Mon Sep 17 00:00:00 2001
From: bergware
Date: Sat, 15 Feb 2025 10:03:34 +0100
Subject: [PATCH] security enhancements

---
 emhttp/plugins/dynamix/include/NetworkInfo.php | 12 ++++++------
 emhttp/plugins/dynamix/include/Wireless.php | 2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/emhttp/plugins/dynamix/include/NetworkInfo.php b/emhttp/plugins/dynamix/include/NetworkInfo.php
index d274fd1f2..926dbde2a 100644
--- a/emhttp/plugins/dynamix/include/NetworkInfo.php
+++ b/emhttp/plugins/dynamix/include/NetworkInfo.php
@@ -36,14 +36,14 @@ $v6on = trim(file_get_contents("/proc/sys/net/ipv6/conf/$port/disable_ipv6"))=
 $none = _('None');
 $error = ""._('Missing')."";
 $note = in_array($eth,['eth0','wlan0']) && !$vlan ? $error : $none;
-$ipv4 = array_filter(explode(' ',exec("ip -4 -br addr show $port scope global 2>/dev/null | awk '{\$1=\$2=\"\";print;exit}' | sed -r 's/ metric [0-9]+//g; s/\/[0-9]+//g'")));
-$gw4 = exec("ip -4 route show default dev $port 2>/dev/null | awk '{print \$3;exit}'") ?: $note;
+$ipv4 = array_filter(explode(' ',exec("ip -4 -br addr show ".escapeshellarg($port)." scope global 2>/dev/null | awk '{\$1=\$2=\"\";print;exit}' | sed -r 's/ metric [0-9]+//g; s/\/[0-9]+//g'")));
+$gw4 = exec("ip -4 route show default dev ".escapeshellarg($port)." 2>/dev/null | awk '{print \$3;exit}'") ?: $note;
 $dns4 = array_filter($ns,function($ns){return strpos($ns,':')===false;});
 $domain = exec("grep -Pom1 'domain \K.*' /etc/resolv.conf 2>/dev/null") ?: '---';
 if ($v6on) {
- $ipv6 = array_filter(explode(' ',exec("ip -6 -br addr show $port scope global -temporary 2>/dev/null | awk '{\$1=\$2=\"\";print;exit}' | sed -r 's/ metric [0-9]+//g; s/\/[0-9]+//g'")));
- $gw6 = exec("ip -6 route show default dev $port 2>/dev/null | awk '{print \$3;exit}'") ?: $note;
+ $ipv6 = array_filter(explode(' ',exec("ip -6 -br addr show ".escapeshellarg($port)." scope global -temporary 2>/dev/null | awk '{\$1=\$2=\"\";print;exit}' | sed -r 's/ metric [0-9]+//g; s/\/[0-9]+//g'")));
+ $gw6 = exec("ip -6 route show default dev ".escapeshellarg($port)." 2>/dev/null | awk '{print \$3;exit}'") ?: $note;
 $dns6 = array_filter($ns,function($ns){return strpos($ns,':')!==false;});
 }
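Review bot: Wrapping `$port` in escapeshellarg() on the four `$ipv4`/`$gw4`/`$ipv6`/`$gw6` lines closes the shell-injection path, but the same `$port` is still interpolated unquoted into a filesystem path in the hunk-header context line `file_get_contents("/proc/sys/net/ipv6/conf/$port/disable_ipv6")`, and the place where `$port` and `$eth` are derived lies outside the hunk. Escaping at every call site is easy to miss on the next addition; a single allowlist check where the name is read, for example `if (!preg_match('/^[A-Za-z0-9_.:-]{1,15}$/', $port)) { $port = ''; }` (constructed example; Linux interface names are at most 15 characters), would cover every use including the path building. The same point applies to `$eth` in the ethtool hunk at -64,8 of this file. One caveat to keep in mind: escapeshellarg() drops or replaces bytes that are invalid in the current locale, so the argument handed to `ip` can differ from the value tested elsewhere if non-ASCII names are ever possible — hedged, since the locale in use is not visible here.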
@@ -64,8 +64,8 @@ if ($wlan0) {
 echo ""._('Receive bitrate').":$rxrate";
 echo ""._('Transmit bitrate').":$txrate";
 } else {
- $link = _(ucfirst(exec("ethtool $eth 2>/dev/null | awk '$1==\"Link\" {print $3;exit}'")) ?: 'Unknown')." ("._(exec("ethtool $eth 2>/dev/null | grep -Pom1 '^\s+Port: \K.*'") ?: 'not present').")";
- $speed = _(preg_replace(['/^(\d+)/','/!/'],['$1 ',''],exec("ethtool $eth 2>/dev/null | awk '$1==\"Speed:\" {print $2;exit}'")) ?: 'Unknown');
+ $link = _(ucfirst(exec("ethtool ".escapeshellarg($eth)." 2>/dev/null | awk '$1==\"Link\" {print $3;exit}'")) ?: 'Unknown')." ("._(exec("ethtool ".escapeshellarg($eth)." 2>/dev/null | grep -Pom1 '^\s+Port: \K.*'") ?: 'not present').")";
+ $speed = _(preg_replace(['/^(\d+)/','/!/'],['$1 ',''],exec("ethtool ".escapeshellarg($eth)." 2>/dev/null | awk '$1==\"Speed:\" {print $2;exit}'")) ?: 'Unknown');
 echo ""._('Interface link').":$link";
 echo ""._('Interface speed').":$speed";
 }
diff --git a/emhttp/plugins/dynamix/include/Wireless.php b/emhttp/plugins/dynamix/include/Wireless.php
index 98189252a..77a5b0099 100644
--- a/emhttp/plugins/dynamix/include/Wireless.php
+++ b/emhttp/plugins/dynamix/include/Wireless.php
@@ -20,7 +20,7 @@ $tmp = '/var/tmp/attr';
 $wifi = is_readable($cfg) ? (array)parse_ini_file($cfg,true) : [];
 $attr = is_readable($tmp) ? (array)parse_ini_file($tmp,true) : [];
 $md5 = md5(json_encode($attr),true);
-$cmd = $_POST['cmd'];
+$cmd = $_POST['cmd'] ?? '';
 $masks = [
 '255.0.0.0' => '8', '255.255.0.0' => '16', '255.255.128.0' => '17', '255.255.192.0' => '18',
 '255.255.224.0' => '19', '255.255.240.0' => '20', '255.255.248.0' => '21', '255.255.252.0' => '22',
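Review bot: `$cmd = $_POST['cmd'] ?? ''` in the Wireless.php hunk only removes the undefined-index notice; `$cmd` is still unvalidated request input, and the code that acts on it lies outside the hunk, so the check that actually matters is not visible here. If `$cmd`, as its name suggests, selects a code path, it should be validated against the set of commands this script handles at the point it is read, e.g. `$cmd = in_array($_POST['cmd'] ?? '', [/* known command names */], true) ? $_POST['cmd'] : '';` or a `match` that throws on anything else, so an unknown value never reaches a later branch. Nothing in the hunk shows a CSRF-token check before `$_POST` is consulted; if that lives in a shared include outside this view it is fine, otherwise it belongs ahead of this line.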