diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2021-01-22 20:28:19 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2021-01-22 20:28:19 +0000 |
commit | abaa75b10f899ada8dd05b23cc03205064394bc6 (patch) | |
tree | eca3dd248b73b92013cba00a0fcc1edf2696e19a /net-analyzer/cacti | |
parent | 24fd814c326e282c4321965c31f341dad77e270d (diff) |
gentoo resync : 22.01.2021
Diffstat (limited to 'net-analyzer/cacti')
-rw-r--r-- | net-analyzer/cacti/Manifest | 3 | ||||
-rw-r--r-- | net-analyzer/cacti/cacti-1.2.16-r1.ebuild | 54 | ||||
-rw-r--r-- | net-analyzer/cacti/files/cacti-1.2.16-CVE-2020-35701.patch | 29 | ||||
-rw-r--r-- | net-analyzer/cacti/files/cacti-1.2.16-XSS-issue-4019.patch | 360 |
4 files changed, 446 insertions, 0 deletions
diff --git a/net-analyzer/cacti/Manifest b/net-analyzer/cacti/Manifest index 7d629d85d571..5dcdf5989180 100644 --- a/net-analyzer/cacti/Manifest +++ b/net-analyzer/cacti/Manifest @@ -1,6 +1,9 @@ +AUX cacti-1.2.16-CVE-2020-35701.patch 706 BLAKE2B 746fca9b32bc863fd701f86df53f22284de9ffec7d0ad42d7eb0376e27b9e482d82a482d937f40ec61fff41d3a7cec0fcda6e3282087c9597c32a4147e0a9c1e SHA512 f909820f8c57ca61571b15d2304567d3333563520cb5611f8f01c22c22e155104fa6958eda3605d66af7ba29b756ff826a259faf587b63e04ba20bcd09f8a9cd +AUX cacti-1.2.16-XSS-issue-4019.patch 19600 BLAKE2B 3a9f2c7474a633c8633fdaaa5db71c124c486e796dbdbbfdc5ed53ece7cd0f45652b1e62a4355855f8512b03e5a4ca9189ee50dd2784cbd0e8d84ee9f131d0fc SHA512 f002b947c27c3b2a6ba8300eae456fca771d5283bfd9a7516239745e41b7b6521b7affed6122ffc3c8f7108a4de70cfbf2411970065bd47a9164b0a849656947 AUX postinstall-en.txt 2249 BLAKE2B ec7a32177aca0ebec0194fc4dee825251a5ac71c1005c41f91ba7e7da690e8b3734312b7df5ef506aea771284264035517a73c12d37be1e9479dea7e6e5a99d4 SHA512 8df52b187b301b42382746f9dea43993f7963edf018bc80e94305a743ea5fbb024d670917c0200f4782c0a3bd47abfb879c755ad415581616ae5c6413cf00623 DIST cacti-1.2.14.tar.gz 25182521 BLAKE2B 555c30ebd06ac71df608a1564892ecd176cf46fa079fd3615dc59fd984bc8bedd4512d971dc3c2731848107da728724ef459d84f0308bef8b0b6ab943b8bc3cf SHA512 734d8e059ea47630072269d92ad79e773268c5dd1cd9c565d23c41b2a74c8892bdc5190f7de6bb9ed281a67ade9c8ef6d723a9d4f486a4ba9aca99182d6ad056 DIST cacti-1.2.16.tar.gz 29197220 BLAKE2B 19939d0ff79c895b481aeb7ffec8331d8b9c10a6b7e0dbda6532e06ef0322f21cf02f4bf53a9522e1f672dd04b343f5550e2f34f08b3af2050e1f72465cffc43 SHA512 fe22acf4dea8ab6ec79825d66a84ad4c43fdce2815e7327536d182bc04400ed7b1d268209bbbca8b307c4779ee5bf7369a617ec1f052d8805757c2ca9b30cc35 EBUILD cacti-1.2.14.ebuild 1011 BLAKE2B c9c42e80eb588faec3c8c16337905c5006fabe200bab3b0d1c8dfe6ff02391a52947d9efa30f331bd3352030d8d48bafbfe90d1b11ff9de1fe3eeffd7d2fdb16 SHA512 2b58b91c60e77448d15b8fd91b05692a3102e0ce699452b11a71b0c9767820e65a47e1feb816dfad6a0a16f3869e8f765ef97e67f08250a47a49f6cdadde92a8 +EBUILD cacti-1.2.16-r1.ebuild 1111 BLAKE2B 15341dcd648cf686bd1f840538494b700d96df84a924b5badfe8034d03f2ce859bf9b498b45031459e23a8cc26127ab7454f85c697c4d26cced5d1862232a6a4 SHA512 94639a653783ce6589f523f5506bc6f15abc8f9f21b585b39fa168b3ed8404d34b257673a870dca10c9d99d85425735c5c4527fd54e8f62ed94ff668d47402a6 EBUILD cacti-1.2.16.ebuild 1019 BLAKE2B 57e9066fc7f369946454a5530453429401e567d96dc29cccd805ddbfa08f39714ab4b96ca25fa4ac39e59f7745b5e4a0ef446c996da87cfcfdf5a96b2b80cf9e SHA512 cb2c4ee15777689a17bcade0e8c51ed6aeee1a28f177aa4236fbe223df080fe115f7f0c45826908d5e4d212dd1afb72eab9d06c70662f67dd7d27c14412c28b5 MISC metadata.xml 934 BLAKE2B ddf6460296c62f7aef96152fb724b1cdff7a846ac33e9119a935b63d4eb6d9aaf4ab077487300be4d38dd1a005e80de34bffec8a72bc34460e1f772c8e18ed56 SHA512 a7139b430dfe53fca0684b33e8f5e2e496d5b16deb0b5da52e427066b9388eb487273b166c53dc77a2db1770d39fd6669bff61cd70c65c94de35ce3acab0acc3 diff --git a/net-analyzer/cacti/cacti-1.2.16-r1.ebuild b/net-analyzer/cacti/cacti-1.2.16-r1.ebuild new file mode 100644 index 000000000000..78185ebd73d0 --- /dev/null +++ b/net-analyzer/cacti/cacti-1.2.16-r1.ebuild @@ -0,0 +1,54 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit edos2unix webapp + +# Support for _p* in version. +MY_P=${P/_p*/} + +DESCRIPTION="Cacti is a complete frontend to rrdtool" +HOMEPAGE="https://www.cacti.net/" +SRC_URI="https://www.cacti.net/downloads/${MY_P}.tar.gz" + +LICENSE="GPL-2" +KEYWORDS="~alpha amd64 ~arm ~hppa ~ppc ~ppc64 sparc x86" +IUSE="snmp doc" + +need_httpd + +RDEPEND=" + dev-lang/php[cli,mysql,pdo,session,sockets,xml] + dev-php/adodb + net-analyzer/rrdtool[graph] + virtual/cron + snmp? ( >=net-analyzer/net-snmp-5.2.0 ) +" + +PATCHES=( + "${FILESDIR}/${P}-CVE-2020-35701.patch" + "${FILESDIR}/${P}-XSS-issue-4019.patch" +) + +src_compile() { :; } + +src_install() { + dodoc CHANGELOG + dodoc -r docs + mv docs .. || die + + webapp_src_preinst + + edos2unix `find -type f -name '*.php'` + + dodir ${MY_HTDOCSDIR} + cp -r . "${ED}"${MY_HTDOCSDIR} + + webapp_serverowned ${MY_HTDOCSDIR}/rra + webapp_serverowned ${MY_HTDOCSDIR}/log + webapp_configfile ${MY_HTDOCSDIR}/include/config.php + webapp_postinst_txt en "${FILESDIR}"/postinstall-en.txt + + webapp_src_install +} diff --git a/net-analyzer/cacti/files/cacti-1.2.16-CVE-2020-35701.patch b/net-analyzer/cacti/files/cacti-1.2.16-CVE-2020-35701.patch new file mode 100644 index 000000000000..f55b7b0a40df --- /dev/null +++ b/net-analyzer/cacti/files/cacti-1.2.16-CVE-2020-35701.patch @@ -0,0 +1,29 @@ +https://bugs.gentoo.org/765019 +https://github.com/Cacti/cacti/commit/565e0604a53f4988dc5b544d01f4a631eaa80d82 + +From 565e0604a53f4988dc5b544d01f4a631eaa80d82 Mon Sep 17 00:00:00 2001 +From: TheWitness <thewitness@cacti.net> +Date: Thu, 24 Dec 2020 10:39:50 -0500 +Subject: [PATCH] Fixing Issue #4022 + +SQL Injection in data_debug.php +--- a/data_debug.php ++++ b/data_debug.php +@@ -35,6 +35,8 @@ + + set_default_action(); + ++validate_request_vars(); ++ + switch (get_request_var('action')) { + case 'actions': + form_actions(); +@@ -123,8 +125,6 @@ + + break; + default: +- validate_request_vars(); +- + $refresh = array( + 'seconds' => get_request_var('refresh'), + 'page' => 'data_debug.php?header=false', diff --git a/net-analyzer/cacti/files/cacti-1.2.16-XSS-issue-4019.patch b/net-analyzer/cacti/files/cacti-1.2.16-XSS-issue-4019.patch new file mode 100644 index 000000000000..1f09e572c860 --- /dev/null +++ b/net-analyzer/cacti/files/cacti-1.2.16-XSS-issue-4019.patch @@ -0,0 +1,360 @@ +https://github.com/Cacti/cacti/issues/4019 + +From ef10fe1c340ed932dc18b6a566b21f9dd15933c2 Mon Sep 17 00:00:00 2001 +From: TheWitness <thewitness@cacti.net> +Date: Wed, 23 Dec 2020 16:33:27 -0500 +Subject: [PATCH] Fixing Issue #4019 + +* In a recent audit of core Cacti code, there were a few stored XSS issues that can be exposed +* Also removed a few spurious title_trims, that should no longer be a problem. +--- a/automation_devices.php ++++ b/automation_devices.php +@@ -485,7 +485,7 @@ function draw_filter() { + <?php + if (cacti_sizeof($networks)) { + foreach ($networks as $key => $name) { +- print "<option value='" . $key . "'"; if (get_request_var('network') == $key) { print ' selected'; } print '>' . $name . "</option>"; ++ print "<option value='" . html_escape($key) . "'"; if (get_request_var('network') == $key) { print ' selected'; } print '>' . html_escape($name) . "</option>"; + } + } + ?> +@@ -515,7 +515,7 @@ function draw_filter() { + <?php + if (cacti_sizeof($status_arr)) { + foreach ($status_arr as $st) { +- print "<option value='" . $st . "'"; if (get_request_var('status') == $st) { print ' selected'; } print '>' . $st . "</option>"; ++ print "<option value='" . html_escape($st) . "'"; if (get_request_var('status') == $st) { print ' selected'; } print '>' . html_escape($st) . "</option>"; + } + } + ?> +@@ -530,7 +530,7 @@ function draw_filter() { + <?php + if (cacti_sizeof($os_arr)) { + foreach ($os_arr as $st) { +- print "<option value='" . $st . "'"; if (get_request_var('os') == $st) { print ' selected'; } print '>' . $st . "</option>"; ++ print "<option value='" . html_escape($st) . "'"; if (get_request_var('os') == $st) { print ' selected'; } print '>' . html_escape($st) . "</option>"; + } + } + ?> +@@ -545,7 +545,7 @@ function draw_filter() { + <?php + if (cacti_sizeof($status_arr)) { + foreach ($status_arr as $st) { +- print "<option value='" . $st . "'"; if (get_request_var('snmp') == $st) { print ' selected'; } print '>' . $st . "</option>"; ++ print "<option value='" . html_escape($st) . "'"; if (get_request_var('snmp') == $st) { print ' selected'; } print '>' . html_escape($st) . "</option>"; + } + } + ?> +@@ -560,7 +560,7 @@ function draw_filter() { + <?php + if (cacti_sizeof($item_rows) > 0) { + foreach ($item_rows as $key => $value) { +- print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . "</option>"; ++ print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . html_escape($value) . "</option>"; + } + } + ?> +--- a/data_debug.php ++++ b/data_debug.php +@@ -969,7 +969,7 @@ function data_debug_filter() { + + if (cacti_sizeof($templates) > 0) { + foreach ($templates as $template) { +- print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . title_trim(html_escape($template['name']), 40) . "</option>"; ++ print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . html_escape($template['name']) . '</option>'; + } + } + ?> +@@ -997,7 +997,7 @@ function data_debug_filter() { + $profiles = array_rekey(db_fetch_assoc('SELECT id, name FROM data_source_profiles ORDER BY name'), 'id', 'name'); + if (cacti_sizeof($profiles)) { + foreach ($profiles as $key => $value) { +- print "<option value='" . $key . "'"; if (get_request_var('profile') == $key) { print ' selected'; } print '>' . html_escape($value) . "</option>"; ++ print "<option value='" . $key . "'"; if (get_request_var('profile') == $key) { print ' selected'; } print '>' . html_escape($value) . '</option>'; + } + } + ?> +@@ -1063,7 +1063,7 @@ function data_debug_filter() { + <?php + if (cacti_sizeof($item_rows) > 0) { + foreach ($item_rows as $key => $value) { +- print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . html_escape($value) . "</option>"; ++ print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . html_escape($value) . '</option>'; + } + } + ?> +--- a/data_sources.php ++++ b/data_sources.php +@@ -1361,7 +1361,7 @@ function clearFilter() { + + if (cacti_sizeof($templates)) { + foreach ($templates as $template) { +- print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . title_trim(html_escape($template['name']), 40) . '</option>'; ++ print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . html_escape($template['name']) . '</option>'; + } + } + ?> +--- a/lib/api_automation.php ++++ b/lib/api_automation.php +@@ -154,7 +154,7 @@ function clearDeviceFilter() { + + if (cacti_sizeof($host_templates)) { + foreach ($host_templates as $host_template) { +- print "<option value='" . $host_template['id'] . "'"; if (get_request_var('host_template_id') == $host_template['id']) { print ' selected'; } print '>' . $host_template['name'] . "</option>\n"; ++ print "<option value='" . $host_template['id'] . "'"; if (get_request_var('host_template_id') == $host_template['id']) { print ' selected'; } print '>' . html_escape($host_template['name']) . '</option>'; + } + } + ?> +@@ -184,7 +184,7 @@ function clearDeviceFilter() { + <?php + if (cacti_sizeof($item_rows)) { + foreach ($item_rows as $key => $value) { +- print "<option value='". $key . "'"; if (get_request_var('rowsd') == $key) { print ' selected'; } print '>' . $value . '</option>\n'; ++ print "<option value='". $key . "'"; if (get_request_var('rowsd') == $key) { print ' selected'; } print '>' . $value . '</option>'; + } + } + ?> +@@ -432,7 +432,7 @@ function clearFilter() { + $hosts = get_allowed_devices(); + if (cacti_sizeof($hosts)) { + foreach ($hosts as $host) { +- print "<option value='" . $host['id'] . "'"; if (get_request_var('host_id') == $host['id']) { print ' selected'; } print '>' . html_escape($host['description']) . "</option>\n"; ++ print "<option value='" . $host['id'] . "'"; if (get_request_var('host_id') == $host['id']) { print ' selected'; } print '>' . html_escape($host['description']) . '</option>'; + } + } + ?> +@@ -453,7 +453,7 @@ function clearFilter() { + + if (cacti_sizeof($templates) > 0) { + foreach ($templates as $template) { +- print "<option value=' " . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . title_trim($template['name'], 40) . "</option>\n"; ++ print "<option value=' " . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . html_escape($template['name']) . '</option>'; + } + } + ?> +@@ -484,7 +484,7 @@ function clearFilter() { + <?php + if (cacti_sizeof($item_rows)) { + foreach ($item_rows as $key => $value) { +- print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . "</option>\n"; ++ print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . '</option>'; + } + } + ?> +@@ -718,7 +718,7 @@ function clearObjectFilter() { + <?php + if (cacti_sizeof($item_rows)) { + foreach ($item_rows as $key => $value) { +- print "<option value='". $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . '</option>\n'; ++ print "<option value='". $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . '</option>'; + } + } + ?> +@@ -1078,10 +1078,10 @@ function clearFilter() { + <?php + $host_templates = db_fetch_assoc('select id,name from host_template order by name'); + +- if (cacti_sizeof($host_templates) > 0) { +- foreach ($host_templates as $host_template) { +- print "<option value='" . $host_template['id'] . "'"; if (get_request_var('host_template_id') == $host_template['id']) { print ' selected'; } print '>' . $host_template['name'] . "</option>\n"; +- } ++ if (cacti_sizeof($host_templates)) { ++ foreach ($host_templates as $host_template) { ++ print "<option value='" . $host_template['id'] . "'"; if (get_request_var('host_template_id') == $host_template['id']) { print ' selected'; } print '>' . html_escape($host_template['name']) . '</option>'; ++ } + } + ?> + </select> +@@ -1110,7 +1110,7 @@ function clearFilter() { + <?php + if (cacti_sizeof($item_rows)) { + foreach ($item_rows as $key => $value) { +- print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . "</option>\n"; ++ print "<option value='" . $key . "'"; if (get_request_var('rows') == $key) { print ' selected'; } print '>' . $value . '</option>'; + } + } + ?> +--- a/lib/html.php ++++ b/lib/html.php +@@ -998,7 +998,7 @@ function html_create_list($form_data, $column_display, $column_id, $form_previou + print ' selected'; + } + +- print '>' . title_trim(null_out_substitutions(html_escape($form_data[$id])), 75) . '</option>'; ++ print '>' . html_escape(null_out_substitutions($form_data[$id])) . '</option>'; + } + } + } else { +@@ -1011,9 +1011,9 @@ function html_create_list($form_data, $column_display, $column_id, $form_previou + } + + if (isset($row['host_id'])) { +- print '>' . title_trim(html_escape($row[$column_display]), 75) . '</option>'; ++ print '>' . html_escape($row[$column_display]) . '</option>'; + } else { +- print '>' . title_trim(null_out_substitutions(html_escape($row[$column_display])), 75) . '</option>'; ++ print '>' . html_escape(null_out_substitutions($row[$column_display])) . '</option>'; + } + } + } +@@ -2010,7 +2010,7 @@ function html_host_filter($host_id = '-1', $call_back = 'applyFilter', $sql_wher + + if (cacti_sizeof($devices)) { + foreach ($devices as $device) { +- print "<option value='" . $device['id'] . "'"; if ($host_id == $device['id']) { print ' selected'; } print '>' . title_trim(html_escape(strip_domain($device['description'])), 40) . '</option>'; ++ print "<option value='" . $device['id'] . "'"; if ($host_id == $device['id']) { print ' selected'; } print '>' . html_escape(strip_domain($device['description'])) . '</option>'; + } + } + ?> +@@ -2385,6 +2385,7 @@ function html_common_header($title, $selectedTheme = '') { + <meta name='apple-mobile-web-app-capable' content='yes'> + <meta name='description' content='Monitoring tool of the Internet'> + <meta name='mobile-web-app-capable' content='yes'> ++ <meta name="theme-color" content="#161616"/> + <meta http-equiv="Content-Security-Policy" content="default-src *; img-src 'self' <?php print $alternates;?> data: blob:; style-src 'self' 'unsafe-inline' <?php print $alternates;?>; script-src 'self' <?php print $script_policy;?> 'unsafe-inline' <?php print $alternates;?>; worker-src 'self'"> + <meta name='robots' content='noindex,nofollow'> + <title><?php print $title; ?></title> +--- a/lib/html_graph.php ++++ b/lib/html_graph.php +@@ -212,9 +212,9 @@ function html_graph_preview_filter($page, $action, $devices_where = '', $templat + <select id='graphs' onChange='applyGraphFilter()'> + <?php + if (cacti_sizeof($graphs_per_page)) { +- foreach ($graphs_per_page as $key => $value) { +- print "<option value='" . $key . "'"; if (get_request_var('graphs') == $key) { print ' selected'; } print '>' . $value . "</option>\n"; +- } ++ foreach ($graphs_per_page as $key => $value) { ++ print "<option value='" . $key . "'"; if (get_request_var('graphs') == $key) { print ' selected'; } print '>' . $value . "</option>\n"; ++ } + } + ?> + </select> +@@ -260,7 +260,7 @@ function html_graph_preview_filter($page, $action, $devices_where = '', $templat + + if (cacti_sizeof($graph_timespans)) { + foreach($graph_timespans as $value => $text) { +- print "<option value='$value'"; if ($_SESSION['sess_current_timespan'] == $value) { print ' selected'; } print '>' . $text . "</option>\n"; ++ print "<option value='$value'"; if ($_SESSION['sess_current_timespan'] == $value) { print ' selected'; } print '>' . html_escape($text) . '</option>'; + } + } + ?> +@@ -293,7 +293,7 @@ function html_graph_preview_filter($page, $action, $devices_where = '', $templat + $end_val = cacti_sizeof($graph_timeshifts)+1; + if (cacti_sizeof($graph_timeshifts) > 0) { + for ($shift_value=$start_val; $shift_value < $end_val; $shift_value++) { +- print "<option value='$shift_value'"; if ($_SESSION['sess_current_timeshift'] == $shift_value) { print ' selected'; } print '>' . title_trim($graph_timeshifts[$shift_value], 40) . "</option>\n"; ++ print "<option value='$shift_value'"; if ($_SESSION['sess_current_timeshift'] == $shift_value) { print ' selected'; } print '>' . html_escape($graph_timeshifts[$shift_value]) . '</option>'; + } + } + ?> +--- a/lib/html_tree.php ++++ b/lib/html_tree.php +@@ -1138,7 +1138,7 @@ function grow_right_pane_tree($tree_id, $leaf_id, $host_group_data) { + + if (cacti_sizeof($graph_timespans)) { + foreach($graph_timespans as $value => $text) { +- print "<option value='$value'"; if ($_SESSION['sess_current_timespan'] == $value) { print ' selected'; } print '>' . $text . '</option>'; ++ print "<option value='$value'"; if ($_SESSION['sess_current_timespan'] == $value) { print ' selected'; } print '>' . html_escape($text) . '</option>'; + } + } + ?> +@@ -1171,7 +1171,7 @@ function grow_right_pane_tree($tree_id, $leaf_id, $host_group_data) { + $end_val = cacti_sizeof($graph_timeshifts)+1; + if (cacti_sizeof($graph_timeshifts)) { + for ($shift_value=$start_val; $shift_value < $end_val; $shift_value++) { +- print "<option value='$shift_value'"; if ($_SESSION['sess_current_timeshift'] == $shift_value) { print ' selected'; } print '>' . title_trim($graph_timeshifts[$shift_value], 40) . '</option>'; ++ print "<option value='$shift_value'"; if ($_SESSION['sess_current_timeshift'] == $shift_value) { print ' selected'; } print '>' . html_escape($graph_timeshifts[$shift_value]) . '</option>'; + } + } + ?> +--- a/managers.php ++++ b/managers.php +@@ -483,7 +483,7 @@ function clearFilter() { + <?php + if (cacti_sizeof($mibs)) { + foreach ($mibs as $mib) { +- print "<option value='" . $mib['mib'] . "'"; if (get_request_var('mib') == $mib['mib']) { print ' selected'; } print '>' . $mib['mib'] . '</option>'; ++ print "<option value='" . html_escape($mib['mib']) . "'"; if (get_request_var('mib') == $mib['mib']) { print ' selected'; } print '>' . html_escape($mib['mib']) . '</option>'; + } + } + ?> +--- a/utilities.php ++++ b/utilities.php +@@ -812,7 +812,7 @@ function applyFilter() { + + if (cacti_sizeof($users)) { + foreach ($users as $user) { +- print "<option value='" . $user['username'] . "'"; if (get_request_var('username') == $user['username']) { print ' selected'; } print '>' . $user['username'] . '</option>'; ++ print "<option value='" . html_escape($user['username']) . "'"; if (get_request_var('username') == $user['username']) { print ' selected'; } print '>' . html_escape($user['username']) . '</option>'; + } + } + ?> +@@ -1034,19 +1034,19 @@ function utilities_view_logfile() { + + $logfile = basename(get_nfilter_request_var('filename')); + $logbase = basename(read_config_option('path_cactilog')); +- ++ + if ($logfile == '') { + $logfile = $logbase; + } +- ++ + if ($logfile == '') { + $logfile = 'cacti.log'; + } +- ++ + $logname = ''; + $logpath = ''; + +- if (!clog_validate_filename($logfile, $logpath, $logname, true)) { ++ if (!clog_validate_filename($logfile, $logpath, $logname, true)) { + raise_message('clog_invalid'); + header('Location: utilities.php?action=view_logfile&filename=' . $logbase); + exit(0); +@@ -1171,7 +1171,7 @@ function clearFilter() { + + if (cacti_sizeof($logFileArray)) { + foreach ($logFileArray as $logFile) { +- print "<option value='" . $logFile . "'"; ++ print "<option value='" . html_escape($logFile) . "'"; + + if (get_nfilter_request_var('filename') == $logFile) { + print ' selected'; +@@ -1182,7 +1182,7 @@ function clearFilter() { + $logDate = cacti_count($logParts) < 2 ? '' : $logParts[1] . (isset($logParts[2]) ? '-' . $logParts[2]:''); + $logName = $logParts[0]; + +- print '>' . $logName . ($logDate != '' ? ' [' . substr($logDate,4) . ']':'') . '</option>'; ++ print '>' . html_escape($logName . ($logDate != '' ? ' [' . substr($logDate,4) . ']':'')) . '</option>'; + } + } + ?> +@@ -1807,7 +1807,7 @@ function clearFilter() { + + if (cacti_sizeof($templates)) { + foreach ($templates as $template) { +- print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . title_trim(html_escape($template['name']), 40) . '</option>'; ++ print "<option value='" . $template['id'] . "'"; if (get_request_var('template_id') == $template['id']) { print ' selected'; } print '>' . html_escape($template['name']) . '</option>'; + } + } + ?> +@@ -2540,7 +2540,7 @@ function clearFilter() { + <?php + if (cacti_sizeof($mibs) > 0) { + foreach ($mibs as $mib) { +- print "<option value='" . $mib['mib'] . "'"; if (get_request_var('mib') == $mib['mib']) { print ' selected'; } print '>' . html_escape($mib['mib']) . '</option>'; ++ print "<option value='" . html_escape($mib['mib']) . "'"; if (get_request_var('mib') == $mib['mib']) { print ' selected'; } print '>' . html_escape($mib['mib']) . '</option>'; + } + } + ?> +@@ -2804,7 +2804,7 @@ function purgeFilter() { + <option value='-1'<?php if (get_request_var('receiver') == '-1') {?> selected<?php }?>><?php print __('Any');?></option> + <?php + foreach ($receivers as $receiver) { +- print "<option value='" . $receiver['manager_id'] . "'"; if (get_request_var('receiver') == $receiver['manager_id']) { print ' selected'; } print '>' . $receiver['hostname'] . '</option>'; ++ print "<option value='" . $receiver['manager_id'] . "'"; if (get_request_var('receiver') == $receiver['manager_id']) { print ' selected'; } print '>' . html_escape($receiver['hostname']) . '</option>'; + } + ?> + </select> |