Add lib/utils.php file
Added simple shell/utf/html escape checking Added a collection of test cases (we need some more escape checking ones) Signed-off-by: Diederik de Groot <ddegroot@talon.nl>
This commit is contained in:
Diederik de Groot
@@ -1,18 +1,18 @@
|
|||||||
#!/usr/bin/php
|
#!/usr/bin/php
|
||||||
<?php
|
<?php
|
||||||
include_once("config.php");
|
include_once("config.php");
|
||||||
|
include_once("utils.php");
|
||||||
|
|
||||||
/* Todo:
|
/* Todo:
|
||||||
- setup logging
|
- setup logging
|
||||||
- read config.file
|
✔️ read config.file
|
||||||
- improve error handling
|
- improve error handling
|
||||||
- secure urlencoding/urldecoding
|
?✔️ secure urlencoding/urldecoding
|
||||||
- don't allow browsing
|
- don't allow browsing
|
||||||
- See isValidRequest()
|
- See isValidRequest()
|
||||||
- check source ip-range
|
- check source ip-range
|
||||||
- check HTTPHeader for known BrowserTypes
|
- check HTTPHeader for known BrowserTypes
|
||||||
*/
|
*/
|
||||||
|
|
||||||
class Resolver {
|
class Resolver {
|
||||||
private $isDirty = FALSE;
|
private $isDirty = FALSE;
|
||||||
private $cache = array();
|
private $cache = array();
|
||||||
@@ -26,7 +26,7 @@ class Resolver {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
function __destruct() {
|
function __destruct() {
|
||||||
//print_r($this->cache);
|
// $this->printCache()
|
||||||
if ($this->isDirty) {
|
if ($this->isDirty) {
|
||||||
if (!file_put_contents($this->config['main']['cache_filename'], serialize($this->cache))) {
|
if (!file_put_contents($this->config['main']['cache_filename'], serialize($this->cache))) {
|
||||||
throw new Exception("Could not write to file '".$this->config['cache_filename']."' at Resolver::destruct");
|
throw new Exception("Could not write to file '".$this->config['cache_filename']."' at Resolver::destruct");
|
||||||
@@ -67,26 +67,33 @@ class Resolver {
|
|||||||
}
|
}
|
||||||
$this->isDirty = TRUE;
|
$this->isDirty = TRUE;
|
||||||
}
|
}
|
||||||
function addFile($hash, $path) {
|
function addFile($requestpath, $truepath) {
|
||||||
//echo 'Adding $hash\n';
|
//echo 'Adding $hash\n';
|
||||||
$this->cache[$hash] = $path;
|
$this->cache[$requestpath] = $truepath;
|
||||||
$this->isDirty =TRUE;
|
$this->isDirty =TRUE;
|
||||||
}
|
}
|
||||||
function removeFile($hash) {
|
function removeFile($requestpath) {
|
||||||
//echo 'Removing $hash\n';
|
//echo 'Removing $hash\n';
|
||||||
unset($this->cache[$hash]);
|
unset($this->cache[$requestpath]);
|
||||||
$this->isDirty = TRUE;
|
$this->isDirty = TRUE;
|
||||||
}
|
}
|
||||||
function isValidRequest($request) {
|
function validateRequest($request) {
|
||||||
/* todo: make sure request does not startwith or contain: "/", "../" or "/./" */
|
/* todo: make sure request does not startwith or contain: "/", "../" or "/./" */
|
||||||
/* todo: make sure request only starts with filename or one of $config[$subdir]['locale'] or $config[$subdir]['wallpaper'] */
|
/* todo: make sure request only starts with filename or one of $config[$subdir]['locale'] or $config[$subdir]['wallpaper'] */
|
||||||
/* todo: check uri/url decode */
|
/* todo: check uri/url decode */
|
||||||
return TRUE;
|
//print($request . ":" . escapeshellarg($request) . ":" . $this->utf8_urldecode($request) . "\n");
|
||||||
|
$escaped_request = escapeshellarg(utf8_urldecode($request));
|
||||||
|
if ($escaped_request !== "'" . $request . "'") {
|
||||||
|
// log error
|
||||||
|
throw new Exception("Request '$request' contains invalid characters");
|
||||||
|
}
|
||||||
|
if (strstr($escaped_request, "..")) {
|
||||||
|
// log error
|
||||||
|
throw new Exception("Request '$request' contains '..'");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
function resolve($request) /* canthrow */ {
|
function resolve($request) /* canthrow */ {
|
||||||
if (!$this->isValidRequest($request)) {
|
$this->validateRequest($request);
|
||||||
throw new Exception("Invalid request:'$request'");
|
|
||||||
}
|
|
||||||
$path = '';
|
$path = '';
|
||||||
if (array_key_exists($request, $this->cache)) {
|
if (array_key_exists($request, $this->cache)) {
|
||||||
if ($path = $this->cache[$request]) {
|
if ($path = $this->cache[$request]) {
|
||||||
@@ -102,23 +109,40 @@ class Resolver {
|
|||||||
}
|
}
|
||||||
return $path;
|
return $path;
|
||||||
}
|
}
|
||||||
|
function printCache() {
|
||||||
|
print_r($this->cache);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Some simple inline testing
|
||||||
$resolver = new Resolver($config);
|
$resolver = new Resolver($config);
|
||||||
try {
|
$test_cases = Array(
|
||||||
print($resolver->resolve("jar70sccp.9-4-2ES26.sbn")."\n");
|
Array('request' => 'jar70sccp.9-4-2ES26.sbn', 'expected' => '/tftpboot/firmware/7970/jar70sccp.9-4-2ES26.sbn', 'throws' => FALSE),
|
||||||
print($resolver->resolve("Russian_Russian_Federation/be-sccp.jar")."\n");
|
Array('request' => 'Russian_Russian_Federation/be-sccp.jar', 'expected' => '/tftpboot/locales/languages/Russian_Russian_Federation/be-sccp.jar', 'throws' => FALSE),
|
||||||
print($resolver->resolve("Spain/g3-tones.xml")."\n");
|
Array('request' => 'Spain/g3-tones.xml', 'expected' => '/tftpboot/locales/countries/Spain/g3-tones.xml', 'throws' => FALSE),
|
||||||
print($resolver->resolve("320x196x4/Chan-SCCP-b.png")."\n");
|
Array('request' => '320x196x4/Chan-SCCP-b.png', 'expected' => '/tftpboot/wallpapers/320x196x4/Chan-SCCP-b.png', 'throws' => FALSE),
|
||||||
} catch (Exception $e) {
|
Array('request' => 'XMLDefault.cnf.xml', 'expected' => '/tftpboot/settings/bak/XMLDefault.cnf.xml', 'throws' => FALSE),
|
||||||
print($e . "\n");
|
Array('request' => '../XMLDefault.cnf.xml', 'expected' => '', 'throws' => TRUE),
|
||||||
|
Array('request' => 'XMLDefault.cnf.xml/../../text.xml', 'expected' => '', 'throws' => TRUE),
|
||||||
|
|
||||||
|
);
|
||||||
|
foreach($test_cases as $test) {
|
||||||
|
try {
|
||||||
|
$result = $resolver->resolve($test['request']);
|
||||||
|
if ($result !== $base_path . $test['expected']) {
|
||||||
|
print("Error: expected result does not match what we got\n");
|
||||||
|
print("request:'".$test['request']."', result:'" . $base_path . $test['expected'] . "'\n");
|
||||||
|
} else {
|
||||||
|
print("'" . $test['request'] . "' => '" . $result . "'\n");
|
||||||
|
}
|
||||||
|
} catch (Exception $e) {
|
||||||
|
if (!$test['throws']) {
|
||||||
|
print("Error: request was expected to throw: $e\n");
|
||||||
|
} else {
|
||||||
|
print("'" . $test['request'] . "' => throws error as expected\n");
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
try {
|
|
||||||
print($resolver->resolve("XMLDefault.cnf.xml")."\n");
|
|
||||||
} catch (Exception $e) {
|
|
||||||
print($e . "\n");
|
|
||||||
}
|
|
||||||
|
|
||||||
unset($resolver);
|
unset($resolver);
|
||||||
#unlink($CACHEFILE_NAME);
|
#unlink($CACHEFILE_NAME);
|
||||||
?>
|
?>
|
||||||
|
|||||||
10
lib/utils.php
Normal file
10
lib/utils.php
Normal file
@@ -0,0 +1,10 @@
|
|||||||
|
<?php
|
||||||
|
//
|
||||||
|
// Helper functions
|
||||||
|
//
|
||||||
|
|
||||||
|
function utf8_urldecode($str) {
|
||||||
|
$str = preg_replace("/%u([0-9a-f]{3,4})/i","&#x\\1;",urldecode($str));
|
||||||
|
return html_entity_decode($str,null,'UTF-8');;
|
||||||
|
}
|
||||||
|
?>
|
||||||
Reference in New Issue
Block a user