Browse Source

Merge pull request #1113 from majestrate/sam-xss-fix

fix xss in webui from SAM session name
pull/1119/head
orignal 7 years ago committed by GitHub
parent
commit
606cbaa519
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 20
      libi2pd_client/SAM.cpp
  2. 1
      libi2pd_client/SAM.h

20
libi2pd_client/SAM.cpp

@ -296,6 +296,19 @@ namespace client @@ -296,6 +296,19 @@ namespace client
}
}
static bool IsAcceptableSessionName(const std::string & str)
{
auto itr = str.begin();
while(itr != str.end())
{
char ch = *itr;
++itr;
if (ch == '<' || ch == '>' || ch == '"' || ch == '\'' || ch == '/')
return false;
}
return true;
}
void SAMSocket::ProcessSessionCreate (char * buf, size_t len)
{
LogPrint (eLogDebug, "SAM: session create: ", buf);
@ -304,6 +317,13 @@ namespace client @@ -304,6 +317,13 @@ namespace client
std::string& style = params[SAM_PARAM_STYLE];
std::string& id = params[SAM_PARAM_ID];
std::string& destination = params[SAM_PARAM_DESTINATION];
if(!IsAcceptableSessionName(id))
{
// invalid session id
SendMessageReply (SAM_SESSION_CREATE_INVALID_ID, strlen(SAM_SESSION_CREATE_INVALID_ID), true);
return;
}
m_ID = id;
if (m_Owner.FindSession (id))
{

1
libi2pd_client/SAM.h

@ -28,6 +28,7 @@ namespace client @@ -28,6 +28,7 @@ namespace client
const char SAM_SESSION_CREATE_REPLY_OK[] = "SESSION STATUS RESULT=OK DESTINATION=%s\n";
const char SAM_SESSION_CREATE_DUPLICATED_ID[] = "SESSION STATUS RESULT=DUPLICATED_ID\n";
const char SAM_SESSION_CREATE_DUPLICATED_DEST[] = "SESSION STATUS RESULT=DUPLICATED_DEST\n";
const char SAM_SESSION_CREATE_INVALID_ID[] = "SESSION STATUS RESULT=INVALID_ID\n";
const char SAM_SESSION_STATUS_INVALID_KEY[] = "SESSION STATUS RESULT=INVALID_KEY\n";
const char SAM_SESSION_STATUS_I2P_ERROR[] = "SESSION STATUS RESULT=I2P_ERROR MESSAGE=%s\n";
const char SAM_STREAM_CONNECT[] = "STREAM CONNECT";

Loading…
Cancel
Save