amoralej / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 years ago
Clone

Blame SOURCES/0018-Ticket-47910-logconv.pl-validate-start-and-end-time-.patch

a2f18f
From 5f0aab1fccab4c191b2083aea88e28856caf1a4c Mon Sep 17 00:00:00 2001
a2f18f
From: Mark Reynolds <mreynolds@redhat.com>
a2f18f
Date: Tue, 14 Jul 2015 10:09:00 -0400
a2f18f
Subject: [PATCH 18/20] Ticket 47910 - logconv.pl - validate start and end time
a2f18f
 args
a2f18f
a2f18f
Description:  Add validatation checks for the startTime/endTime configuration
a2f18f
              arguments(-S, -E)
a2f18f
a2f18f
https://fedorahosted.org/389/ticket/47910
a2f18f
a2f18f
Reviewed by: rmeggins(Thanks!)
a2f18f
a2f18f
(cherry picked from commit 8495afa57ad837e3a51871a4f6da2a9978c8e711)
a2f18f
(cherry picked from commit 3bf1daaadd7e7c7b0f99d1f7a93d78598730269d)
a2f18f
---
a2f18f
 ldap/admin/src/logconv.pl | 65 +++++++++++++++++++++++++++++++++++------------
a2f18f
 1 file changed, 49 insertions(+), 16 deletions(-)
a2f18f
a2f18f
diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
a2f18f
index ce4114e..7ca9084 100755
a2f18f
--- a/ldap/admin/src/logconv.pl
a2f18f
+++ b/ldap/admin/src/logconv.pl
a2f18f
@@ -24,6 +24,7 @@ use DB_File;
a2f18f
 use sigtrap qw(die normal-signals);
a2f18f
 use Archive::Tar;
a2f18f
 use IO::Uncompress::AnyUncompress qw($AnyUncompressError);
a2f18f
+use Scalar::Util qw(looks_like_number);
a2f18f
 
a2f18f
 Getopt::Long::Configure ("bundling");
a2f18f
 Getopt::Long::Configure ("permute");
a2f18f
@@ -341,18 +342,18 @@ $connmsg{"P2"} = "Poll";
a2f18f
 $connmsg{"U1"} = "Cleanly Closed Connections";
a2f18f
 
a2f18f
 my %monthname = (
a2f18f
-	"Jan" => 0,
a2f18f
-	"Feb" => 1,
a2f18f
-	"Mar" => 2,
a2f18f
-	"Apr" => 3,
a2f18f
-	"May" => 4,
a2f18f
-	"Jun" => 5,
a2f18f
-	"Jul" => 6,
a2f18f
-	"Aug" => 7,
a2f18f
-	"Sep" => 8,
a2f18f
-	"Oct" => 9,
a2f18f
-	"Nov" => 10,
a2f18f
-	"Dec" => 11,
a2f18f
+	"jan" => 0,
a2f18f
+	"feb" => 1,
a2f18f
+	"mar" => 2,
a2f18f
+	"apr" => 3,
a2f18f
+	"may" => 4,
a2f18f
+	"jun" => 5,
a2f18f
+	"jul" => 6,
a2f18f
+	"aug" => 7,
a2f18f
+	"sep" => 8,
a2f18f
+	"oct" => 9,
a2f18f
+	"nov" => 10,
a2f18f
+	"dec" => 11,
a2f18f
 
a2f18f
 );
a2f18f
 
a2f18f
@@ -411,11 +412,27 @@ sub convertTimeToSeconds {
a2f18f
 	my $logDate;
a2f18f
 	my @dateComps;
a2f18f
 	my ($timeMonth, $timeDay, $timeYear, $dateTotal);
a2f18f
+	$dateTotal = 0;
a2f18f
 	if ($log_line =~ / *([0-9A-Z\/]+)/i ){
a2f18f
 		$logDate = $1;
a2f18f
 		@dateComps = split /\//, $logDate;
a2f18f
-
a2f18f
-		$timeMonth = 1 + $monthname{$dateComps[1]};
a2f18f
+		if ($#dateComps < 2) {
a2f18f
+			print "The date string ($log_line) is invalid, exiting...\n";
a2f18f
+			exit(1);
a2f18f
+		}
a2f18f
+		if (!looks_like_number($dateComps[0]) || length $dateComps[0] != 2) {
a2f18f
+			print "The date string ($log_line) has invalid day ($dateComps[0]), exiting...\n";
a2f18f
+			exit(1);
a2f18f
+		}
a2f18f
+		if ($monthname{lc $dateComps[1]} eq "") {
a2f18f
+			print "The date string ($log_line) has invalid month ($dateComps[1]), exiting...\n";
a2f18f
+			exit(1);
a2f18f
+		}
a2f18f
+		if (!looks_like_number($dateComps[2]) || length $dateComps[2] != 4 ) {
a2f18f
+			print "The date string ($log_line) has invalid year ($dateComps[2]), exiting...\n";
a2f18f
+			exit(1);
a2f18f
+		}
a2f18f
+		$timeMonth = 1 + $monthname{lc $dateComps[1]};
a2f18f
 		$timeMonth = $timeMonth * 3600 * 24 * 30;
a2f18f
 		$timeDay= $dateComps[0] * 3600 * 24;
a2f18f
 		$timeYear = $dateComps[2] * 365 * 3600 * 24;
a2f18f
@@ -425,10 +442,26 @@ sub convertTimeToSeconds {
a2f18f
 	my $logTime;
a2f18f
 	my @timeComps;
a2f18f
 	my ($timeHour, $timeMinute, $timeSecond, $timeTotal);
a2f18f
+	$timeTotal = 0;
a2f18f
 	if ($log_line =~ / *(:[0-9:]+)/i ){
a2f18f
 		$logTime = $1;
a2f18f
 		@timeComps = split /:/, $logTime;
a2f18f
-
a2f18f
+		if ($#timeComps < 3) {
a2f18f
+			print "The time string ($log_line) is invalid, exiting...\n";
a2f18f
+			exit(1);
a2f18f
+		}
a2f18f
+		if (!looks_like_number($timeComps[1]) || length $timeComps[1] != 2){
a2f18f
+			print "The time string ($log_line) has invalid hour ($timeComps[1]), exiting...\n";
a2f18f
+			exit(1);
a2f18f
+		}
a2f18f
+		if (!looks_like_number($timeComps[2]) || length $timeComps[2] != 2){
a2f18f
+			print "The time string ($log_line) has invalid minute ($timeComps[2]), exiting...\n";
a2f18f
+			exit(1);
a2f18f
+		}
a2f18f
+		if (!looks_like_number($timeComps[3]) || length $timeComps[3] != 2){
a2f18f
+			print "The time string ($log_line) has invalid second ($timeComps[3]), exiting...\n";
a2f18f
+			exit(1);
a2f18f
+		}
a2f18f
 		$timeHour = $timeComps[1] * 3600;
a2f18f
 		$timeMinute = $timeComps[2] * 60;
a2f18f
 		$timeSecond = $timeComps[3];
a2f18f
@@ -1796,7 +1829,7 @@ sub parseLineNormal
a2f18f
 		}
a2f18f
 		my ($date, $hr, $min, $sec) = split (':', $time);
a2f18f
 		my ($day, $mon, $yr) = split ('/', $date);
a2f18f
-		my $newmin = timegm(0, $min, $hr, $day, $monthname{$mon}, $yr) - $tzoff;
a2f18f
+		my $newmin = timegm(0, $min, $hr, $day, $monthname{lc $mon}, $yr) - $tzoff;
a2f18f
 		$gmtime = $newmin + $sec;
a2f18f
 		print_stats_block( $s_stats );
a2f18f
 		reset_stats_block( $s_stats, $gmtime, $time.' '.$tzone );
a2f18f
-- 
a2f18f
1.9.3
a2f18f